Adobe is not getting any rest. A new zero-day exploit is in the wild, targeting a vulnerability in all current Flash Player versions. Adobe already has a security bulletin online; an update is announced for the week around the 27th of September for Flash and the 4th of October for Reader and Acrobat.
Until then, visiting a web site that has a malicious Flash file embedded (which can therefore be any web site) can lead to a full system compromise. Until an update is available, users have to protect themselves with up-to-date anti-malware solutions.
The malicious Flash file currently being spread uses heap spraying to plant and execute shellcode on the system. It also tries to download further malware which exploits a vulnerability in Java (CVE-2010-0094). It has functions like
for that. An HTML file is embedded as well, showing some geek ASCII art.
Avira already detected the malicious Flash file with heuristic detections as HEUR/HTML.Malware; we added a detection as EXP/Flash.CY though. Thus users of Avira security solutions are protected from this threat.