
Palo Alto Networks Traps Protects From Latest Flash Zero-Day Vulnerability CVE-2015-5119



Following this week’s headline-grabbing breach, we all learned of an exploit utilizing CVE-2015-5119, a zero-day vulnerability in Adobe Flash. Successful exploitation of this vulnerability allows an attacker to take control of an affected endpoint, making it a critical threat. Various security researchers have since reported that the zero-day was indeed exploited in active attacks.

CVE-2015-5119 can be exploited against all commonly used browsers, including Google Chrome, which is considered to be much harder to exploit relative to other browsers.

This disclosure provides us a rare glimpse into the advanced attack tools market. From my perspective, the critical lesson to take from this incident is not the specific zero-day vulnerability itself, but the acknowledgment that this is merely the tip of the iceberg. One live zero-day exploit was disclosed by chance, but many others are and will be developed, marketed and utilized worldwide.

CVE-2015-5119 is part of an increasing trend of exploiting Flash vulnerabilities. Earlier this year, we covered zero-days CVE-2015-0311 and CVE-2015-0313 in this blog, as well as a deep technical analysis of a new Flash vulnerability exploitation. The most recent was the CVE-2015-3113 zero-day, disclosed a week ago. Additional patched Flash vulnerabilities were rapidly reversed by attackers and integrated into the leading exploit kits.

To counter trends like these, the endpoint security paradigm must shift towards a proactive approach, capable of preventing known and zero-day exploits. Palo Alto Networks Traps prevents memory corruption exploits in real time, obstructing the core techniques used in exploitation without needing to rely on any prior knowledge of attacks. Traps successfully prevented exploitation of the zero-day CVE-2015-5119, and users of Traps as part of the Palo Alto Networks Security Platform were already protected from exploitation of these vulnerabilities prior to the disclosure and patch.

Exploits are the default attack vector in the current threat landscape. Traps is the only solution that provides proactive protection from this vector.

Read more about Traps advanced endpoint protection here.

[Palo Alto Networks Blog]

About @PhilipHungCao

@PhilipHungCao, CISM, CCSP, CCSK, CASP, CIW-WSP, GICSP, PCNSE, ACSP, CCDA, DCSE, JNCIA, MCTS, MCSA, VCP5-DCV, VCP6-NV, ZCNT is a #TekF@rmer. He has 16 years' experience in ICT/Cybersecurity industry in various sectors & positions.
