Monday, April 18, 2016

Adobe Launched Security Update Against a Flaw

Adobe Flash Update
Adobe meant to keep its promise a few days ago after they finally released an emergency security update for Flash Player, protecting against a vulnerability (known as CVE-2016-1019) that is being actively exploited by hackers.

This is a very serious security flaw. According to Adobe, the issues in question are "critical vulnerabilities that could potentially allow an attacker to take control of the affected system." In other words, hackers can use the aforementioned flaws to break into the personal computer, take control of it, and even steal the private data.

Here's what Adobe is saying in its latest security bulletin:
"Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and ChromeOS. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.

Adobe is aware of reports that CVE-2016-1019 is being actively exploited on systems running Windows 10 and earlier with Flash Player version and earlier."
As security firm Proofpoint describes, the CVE-2016-1019 vulnerability in Flash is being exploited by malicious hackers to spread the Cerber ransomware via use of the Magnitude exploit kit.

If none of that makes sense to you, I'll make it very simple: update Adobe Flash now, or get rid of it altogether.

If you're not quite ready to take the step of entirely uninstalling Flash, then you should at the very least consider enabling "Click to Play", which stops Flash elements from being rendered in your browser unless you give specific permission.

And remember, Flash isn't just a security headache for Windows users. This vulnerability is also present in the Mac OS X, Linux and ChromeOS editions of Flash Player.

No comments:

Post a Comment