FireEye has detailed an attack on a recent zero-day vulnerability Adobe patched last week.
The flaw (CVE-2916-4117) affects the previous latest version of Adobe Flash and copped a rushed patch after FireEye reported attacks in the wild.
Genwei Jiang, a Singaporean senior security engineer, has revealed the details of the previously undisclosed phishing attacks he reported and says it is being actively deployed.
Affected users need to run Windows, Flash, and Microsoft Office, and fall for some form of phishing link or file.
Original Source: The Register
View the full story here