topic Zero-day vulnerability in Adobe Flash, CVE-2015-0313 in General Topics https://live.paloaltonetworks.com/t5/general-topics/zero-day-vulnerability-in-adobe-flash-cve-2015-0313/m-p/17966#M13079 <HTML><HEAD></HEAD><BODY><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;"><SPAN style="font-style: inherit; font-family: inherit;">Vulnerability Coverage:</SPAN></P><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;">Wildfire AV - WF 52532 (today) (PAN-OS 5.0+), and AV 1478 (tomorrow). Virus/Win32.CVE-2015-0313.a </P><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;">IPS Signature- Planning to release with 2/3 IPS signature release</P><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;"></P><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;">URLs associated with Malicious SWF samples:</P><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;">Malicious domains added to PAN-DB/malware already (PAN-OS 5.0 +) </P><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;"></P><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;">CnC/Spyware:</P><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;">Malicious DNS signatures added for domains associated with malicious samples (PAN-OS 5.0+)</P><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;"></P><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;">WildFire:</P><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;">Forward SWF flash files to Wildfire for analysis.</P><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;"></P><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;">Traps Advanced Endpoint Protection:</P><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;">Traps was able to mitigate the last zero-day vulnerability.&nbsp; Palo Alto Networks has not confirmed this yet.</P><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;"><A class="jive-link-external-small" href="http://researchcenter.paloaltonetworks.com/2015/01/unpatched-flash-vulnerability-cve-2015-0311-blocked-palo-alto-networks-traps/" rel="nofollow" style="font-style: inherit; font-family: inherit; color: #006595;">http://researchcenter.paloaltonetworks.com/2015/01/unpatched-flash-vulnerability-cve-2015-0311-blocked-palo-alto-networks-traps/</A></P><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;"></P><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;">Other mitigations:</P><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;">Investigate removing Adobe Flash if not required. YouTube is now moving to html5 so more sites will continue to follow.</P><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;"><A class="jive-link-external-small" href="https://helpx.adobe.com/security/products/flash-player/apsa15-02.html" rel="nofollow" style="font-style: inherit; font-family: inherit; color: #006595;">https://helpx.adobe.com/security/products/flash-player/apsa15-02.html</A></P></BODY></HTML> Mon, 02 Feb 2015 23:33:03 GMT Retired Member 2015-02-02T23:33:03Z Zero-day vulnerability in Adobe Flash, CVE-2015-0313 https://live.paloaltonetworks.com/t5/general-topics/zero-day-vulnerability-in-adobe-flash-cve-2015-0313/m-p/17966#M13079 <HTML><HEAD></HEAD><BODY><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;"><SPAN style="font-style: inherit; font-family: inherit;">Vulnerability Coverage:</SPAN></P><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;">Wildfire AV - WF 52532 (today) (PAN-OS 5.0+), and AV 1478 (tomorrow). Virus/Win32.CVE-2015-0313.a </P><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;">IPS Signature- Planning to release with 2/3 IPS signature release</P><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;"></P><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;">URLs associated with Malicious SWF samples:</P><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;">Malicious domains added to PAN-DB/malware already (PAN-OS 5.0 +) </P><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;"></P><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;">CnC/Spyware:</P><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;">Malicious DNS signatures added for domains associated with malicious samples (PAN-OS 5.0+)</P><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;"></P><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;">WildFire:</P><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;">Forward SWF flash files to Wildfire for analysis.</P><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;"></P><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;">Traps Advanced Endpoint Protection:</P><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;">Traps was able to mitigate the last zero-day vulnerability.&nbsp; Palo Alto Networks has not confirmed this yet.</P><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;"><A class="jive-link-external-small" href="http://researchcenter.paloaltonetworks.com/2015/01/unpatched-flash-vulnerability-cve-2015-0311-blocked-palo-alto-networks-traps/" rel="nofollow" style="font-style: inherit; font-family: inherit; color: #006595;">http://researchcenter.paloaltonetworks.com/2015/01/unpatched-flash-vulnerability-cve-2015-0311-blocked-palo-alto-networks-traps/</A></P><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;"></P><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;">Other mitigations:</P><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;">Investigate removing Adobe Flash if not required. YouTube is now moving to html5 so more sites will continue to follow.</P><P style="font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; color: #3b3b3b;"><A class="jive-link-external-small" href="https://helpx.adobe.com/security/products/flash-player/apsa15-02.html" rel="nofollow" style="font-style: inherit; font-family: inherit; color: #006595;">https://helpx.adobe.com/security/products/flash-player/apsa15-02.html</A></P></BODY></HTML> Mon, 02 Feb 2015 23:33:03 GMT https://live.paloaltonetworks.com/t5/general-topics/zero-day-vulnerability-in-adobe-flash-cve-2015-0313/m-p/17966#M13079 Retired Member 2015-02-02T23:33:03Z Re: Zero-day vulnerability in Adobe Flash, CVE-2015-0313 https://live.paloaltonetworks.com/t5/general-topics/zero-day-vulnerability-in-adobe-flash-cve-2015-0313/m-p/17967#M13080 <HTML><HEAD></HEAD><BODY><P style="font-size: 13.3333330154419px;">Vuln Protection was added with Apps+Threats Content package 484</P><P style="font-size: 13.3333330154419px;"></P><P class="p1" style="font-size: 13.3333330154419px;">On Release Notes, New Vulnerability Signature:</P><P class="p1" style="font-size: 13.3333330154419px;"></P><P class="p1" style="font-size: 13.3333330154419px;">Threat ID 37364</P><P class="p1" style="font-size: 13.3333330154419px;">Adobe Flash Player Memory Corruption Vulnerability</P><P class="p1" style="font-size: 13.3333330154419px;">CVE-2015-0313</P><P class="p1" style="font-size: 13.3333330154419px;"><IMG __jive_id="18182" alt="Screen Shot 2015-02-05 at 12.05.05 PM.png" class="image-0 jive-image jiveImage" height="16" src="https://live.paloaltonetworks.com/legacyfs/online/18183_Screen Shot 2015-02-05 at 12.05.05 PM.png" style="height: 16px; width: 901.818181818182px;" width="902" /></P></BODY></HTML> Thu, 05 Feb 2015 20:07:57 GMT https://live.paloaltonetworks.com/t5/general-topics/zero-day-vulnerability-in-adobe-flash-cve-2015-0313/m-p/17967#M13080 mivaldi 2015-02-05T20:07:57Z