Adobe Flash Exploits
The figure below shows the prevalence of different Adobe Flash exploits by quarter.
Adobe Flash exploits detected and blocked by Microsoft antimalware products, 3Q10â€“2Q11
Click on the Image to Enlarge
- Exploitation of Adobe Flash Player increased dramatically in 2Q11 with the disclosure of two new vulnerabilities, CVE-2011-0611 and CVE-2011-2110.
- CVE-2011-0611 was discovered in April 2011 when it was observed being exploited in the wild, typically in the form of malicious .zip files attached to spam email messages purporting to contain information about the Fukushima Daiichi nuclear disaster in Japan. Adobe Systems released Security Bulletin APSB-07 on April 15, 2011 to address the issue. On the same day the security update was released, attacks targeting the vulnerability skyrocketed and remained high for several days, focusing on computers in Korea. About a month later, a second uptick in attacks was observed, affecting multiple locations.
- CVE-2011-2110 was discovered in May 2011, and Adobe released Security Bulletin APSB11-18 on June 15 addressing the issue. As with CVE-2011-0611, attacks targeting the vulnerability spiked just after the security update was released, and predominantly targeted computers in Korea.
- For more information about these two vulnerabilities, see the following posts on the MMPC blog (blogs.technet.com/mmpc):
- Analysis of the CVE-2011-0611 Adobe Flash Player vulnerability exploitation (April 12, 2011)
- Exploits for CVE-2011-2110 focus on Korea (June 21, 2011)