In today’s threat landscape, Adobe Flash Player unfortunately remains an attractive attack vector for adversaries to exploit and compromise systems. Over the past year, Talos has observed several instances where adversaries have identified zero-day vulnerabilities and exploited them to compromise systems. Talos is aware of reports that CVE-2016-1019, an Adobe Flash 0-day vulnerability, is currently being exploited in the wild and is affecting systems running Windows 10 and earlier.
According to the Adobe Flash Player security advisory published on April 5, Flash Player versions 18.104.22.168 and earlier are susceptible to compromise via CVE-2016-1019. This includes Flash Player version 22.214.171.1246 as well as Flash Player Extended Support Release (ESR) version 126.96.36.1993 and earlier. One special note is that as of March 10, 2016, Adobe introduced a mitigation that prevents exploitation of CVE-2016-1019 in Flash version 188.8.131.52 and later.