Following the news that Adobe is expected to release a patch for CVE-2016-4171, Tod Beardsley, Security Research Manager at Rapid7 commented below.
Tod Beardsley, Security Research Manager at Rapid7:
The positive effect of this announcement is the fact that it gives us a chance to remind people that Flash remains a very popular vector for client side attacks. In fact, I said as much almost a year ago.
Since then, many organisations have taken defensive steps to ensure that Flash is has the same click-to-play protections as Java in their desktop space, so those enterprises are in a better position to defend against this and the next Adobe Flash exploit.
Our products teams here at Rapid7 are alert to this news, and will be working up solutions in Nexpose and Metasploit to cover this vulnerability, and our blog will be updated when those checks and modules are available.
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.