Adobe Flash is a multimedia platform that combines graphics, animation, video, and sound. Many websites use it to create rich, dynamic content. However, hackers have always been known to exploit weaknesses in its security to compromise systems.
Now that Adobe Flash is embedded into Windows 10 and browsers such as Chrome, it is more important than ever to protect against hackers who might use it to gain access to your data and infect your machine with malware.
Cybercriminals revealed one such weakness this week, and security researchers first noticed it when a zero-day exploit targeted a clinic that provides medical and cosmetic services to high-level Russian government employees.
What is a 0-day exploit?
This is a security weakness in software that software developers have not yet known or patched. Leading software developers often offer bug bounty deals to security researchers who find and report bugs.
This usually allows those bugs to be fixed before hackers can use them. But exploits of this kind are also commonly sold on the black market, sometimes for extraordinarily high sums. A tool like this, which has not yet developed any patches, is powerful and can be used for targeted attacks like the one in the clinic.
Adobe has responded quickly to the news and released a patch in version 32.0.0.101 of Flash Player, which protects against this exploit. It received the nickname “Operation Poison Needles” due to the location it was initially discovered. However, now that this has been disclosed publicly, many other reports of hackers using this same exploit to spread ransomware have come to light.
This malicious Adobe Flash code is often embedded into a regular Word document. However, when you open it, it will prompt you to enable the malicious Adobe Flash content. If you do so, your machine will be infected.
You can go to https://www.adobe.com/products/flashplayer/end-of-life-alternative.html to download the latest updates to Adobe Flash.
You can always call our team and let us automatically handle security updates like the above. With our remote agent software, we can ensure all your systems are always kept up to date and protected against the latest generation of cyber threats.
Lets Talk!
If you have additional comments or questions about this article, you can share them in this section.