Adobe patched the remote code execution vulnerability (CVE-2012-1535) in Flash Player which could cause the application to crash and possibly admit an attacker to take hold of the compromised computer last Tuesday as part of its regularly scheduled update. At the time, the company alleged there were accounts of the exposure being exploited in the wild in “limited attacks” using malevolent Word documents.
Symantec investigators have noticed such attacks since August. 10th, Symantec’s Bhaskar Krishna wrote of the occurences the Symantec news blog.
The Word document incorporates a malicious SWF file with ActionScript that applies heapspraying methods utilizing embedded shellcode, Krishna said. The Flash exploit is triggered by a font file.
“A large number of attacks were sent on August 13,” Krishna found.
Adobe fixed just one vulnerability in Flash over a week ago, and followed through with a greater security update this week fixing six additional issues in Flash Player across all platforms.