June 19, 2016
This week, Adobe patched a zero-day vulnerability (CVE-2016-4171) used in targeted cyber-espionage attacks, which, according to Russian security vendor Kaspersky Lab, abused the Windows DDE protocol to deliver malware.
News broke out about the presence of this new zero-day on Tuesday, and two days later, Adobe released Flash Player version 22.0.0.192 to fix the zero-day and 35 other security bugs.
StarCruft APT currently conducting two cyber-espionage campaigns
Security firm Kaspersky Lab discovered the zero-day, and in its initial report, the company said the vulnerability was part of the arsenal of a cyber-espionage group they codenamed StarCruft.
The group had carried out multiple cyber-attacks, which the company was tracking as Operation Erebus and Operation Daybreak.
The zero-day was part of the more recent Operation Daybreak campaign, during which Kaspersky says the group also employed two other Adobe exploits (CVE-2016-4117 and CVE-2016-0147) and an Internet Explorer exploit. For Operation Erebus, Kaspersky claimed the association used only CVE-2016-4117, which was served through watering hole attacks.