A new zero-day vulnerability in Adobe Flash Player is being exploited in limited, targeted attacks. The vulnerability (CVE-2016-4171) is due to be patched tomorrow, June 16. In order to protect customers until a patch is available, Symantec has rolled out an antivirus signature (Exp.CVE-2016-4171) that will block attempted exploits.
The critical vulnerability affects Adobe Flash Player 220.127.116.11 and earlier versions for the following operating systems:
- Mac OS X
- Chrome OS
Adobe has said that it is aware of a report that an exploit for the vulnerability exists in the wild. The exploit is currently being used in limited, targeted attacks. The vulnerability will be patched as part of Adobe’s monthly security update, which will be available as early as June 16.
Flash Player users are advised to immediately update to the latest version once it is available. Since this vulnerability is already being exploited in the wild, users should make updating this software a priority.
Users who are concerned about this issue can temporarily disable Adobe Flash in the browser by taking the following steps:
Internet Explorer versions 10 and 11
- Open Internet Explorer
- Click on the Tools menu, and then click Manage add-ons
- Under “Show”, select All add-ons
- Select Shockwave Flash Object and then click on the Disable button
You can re-enable Adobe Flash by repeating the same process, selecting Shockwave Flash Object, and clicking on the Enable button.
Guidance for users of earlier versions of Internet Explorer is available on the Microsoft website; select the version of Internet Explorer you are using at the top right corner.
Firefox
- Open Firefox
- Open the browser menu and click Add-ons
- Select the Plugins tab
- Select Shockwave Flash and click Disable
You can re-enable Flash by repeating the same process, selecting Shockwave Flash, and then clicking on the Enable button.
Chrome
- Open Chrome
- Enter chrome://plugins/ in the address bar and hit the Enter key
- Click the Disable link under the Adobe Flash Player plugin
You can re-enable Flash by repeating the same process and clicking the Enable link.
Customers using up-to-date versions of Symantec Endpoint Protection and Norton Security are protected by the following antivirus signature: