Adobe Releases an Emergency Flash Player Update

By

U pdate patches a critical vulnerability that might invite ransomware

Adobe has released an emergency security update for Adobe Flash Player for Windows, Macintosh, Linux, and ChromeOS. The update patches a critical vulnerability in the Adobe Flash player that allows attackers to execute a ransomware attack on Windows PCs.

Attackers are using a vulnerability in Flash that has already been exploited. Adobe wrote in its Security Bulletin, “Adobe is aware of reports that CVE-2016-1019 is being actively exploited on systems running Windows 10 and earlier with Flash Player version 20.0.0.306 and earlier.” According to security research firm Proofpoint, the Magnitude Exploit kit is being used to deliver Cerber and Locky ransomware to take control of infected systems.

Once a user visits the infected website, an attacker can automatically download and execute the ransomware without the user’s intervention.

If you are running Adobe Flash on your system, you should perform an immediate system update.

04/12/2016
comments powered by Disqus