Adobe Issues An Emergency Flash Update - Ransomware Vulnerability

[ritchie58]

On Thursday Adobe announced that they are issuing an emergency update to their Flash software. Researchers have discovered that a zero-day vulnerability in the Flash software is being exploited to deliver ransomware to Windows PC's.

The software maker is urging the more than 1 billion users of Flash on Windows, Mac, Chrome and Linux computers to update the product as quickly as possible after security researchers said the bug was being exploited in "drive-by" attacks that infect computers with ransomware when "compromised" websites are visited.

 

The type of ransomware involved is called "Cerber" which uses a 'voice' tactic that reads aloud the ransom note to create a sense of urgency and stir users to pay up.

 

The security firm FireEye said that the bug was being leveraged to deliver ransomware in what is known as the Magnitude Exploit Kit. This is an automated tool sold on underground forums that hackers use to infect PCs with viruses through compromised websites.

 

Exploit kits are used for "drive-by" attacks that automatically seek to attack the computers of people who view an infected website.

If you use Adobe's Flash then "it's very highly recommended that you update the software ASAP!"

 

Here is the official Adobe Security Bulletin: https://helpx.adobe.com/security/products/flash-player/apsb16-10.html

 

You can update Flash here: https://get.adobe.com/flashplayer/

Regards, Ritchie...