Dissecting the CVE-2011-0611 Flash Player Zero Day – Part 1

Within the past few days,  We’ve seen the emergence of a new zero-day attack that involves flash files embedded into word documents.   These have purportedly been used in an attempt to compromise machines belonging to government-affiliated persons, as detailed here: http://krebsonsecurity.com/2011/04/new-adobe-flash-zero-day-being-exploited/ http://contagiodump.blogspot.com/2011/04/apr-8-cve-2011-0611-flash-player-zero.html As detailed in previous posts,  NetWitness tries to stay away from “signature” based [...]