In today’s threat landscape, Adobe Flash Player unfortunately remains an attractive attack vector for adversaries to exploit and compromise systems. Over the past year, Talos has observed several instances where adversaries have identified zero-day vulnerabilities and exploited them to compromise systems. Talos is aware of reports that CVE-2016-1019, an Adobe Flash 0-day vulnerability, is currently being exploited in the wild and is affecting systems running Windows 10 and earlier.
According to the Adobe Flash Player security advisory published on April 5, Flash Player versions 220.127.116.11 and earlier are susceptible to compromise via CVE-2016-1019. This includes Flash Player version 18.104.22.1686 as well as Flash Player Extended Support Release (ESR) version 22.214.171.1243 and earlier. One special note is that as of March 10, 2016, Adobe introduced a mitigation that prevents exploitation of CVE-2016-1019 in Flash version 126.96.36.199 and later.