Adobe Releases Emergency Patch for Flash After Ransomware Attacks

Craig Pollack | Apr 09, 2016

Topics: Cyber Security

Adobe

For the second time in two months, Adobe has released an update to Flash that, if you're running Flash, is more than just a nice-to-have. The software maker urged the more than 1 billion users of Flash to update the product as quickly as possible after security researchers found a bug that's being exploited in "drive-by" attacks which infect computers with ransomware when tainted websites are visited. 

Adobe's latest patch fixes a previously unknown security flaw. Such bugs, known as "zero day" bugs, are highly prized because they are harder to defend against since software makers and security firms haven't had the time to figure out ways to block them before they're discovered.

Trend Micro, the anti-virus and anti-malware vendor, said that it had warned Adobe that it had seen attackers exploiting the flaw to infect computers with a type of ransomware known as 'Cerber' as early as March 31. 

For more details about ransomware, check our our recent blog: 8 Ways to Protect Yourself From Ransomware.

From the Adobe website:

Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and ChromeOS.  These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.

Adobe is aware of reports that CVE-2016-1019 is being actively exploited on systems running Windows 10 and earlier with Flash Player version 20.0.0.306 and earlier.  Please refer to APSA16-01 for details.

You can download the security update here.

Have you or do you know of anyone who's been hit by ransomware? Share your experience with us in the Comments section below.

On a related note, if you'd like to see how your security precautions stack up, please download our free Cyber Security Report Card and evaluate how you're doing.

Download Your Free Cyber Security Report Card

Author

Craig Pollack

Craig Pollack

Craig is the Founder & CEO of FPA Technology Services, Inc. Craig provides the strategy and direction for FPA, ensuring its clients, business owners, and key decision makers leverage technology as efficiently and effectively as possible. With over 25 years of experience building the preeminent IT Service Provider in the Southern California area, Craig is one of the area’s leading authorities on how small to mid-sized businesses can best secure and leverage their technology to achieve their business objectives.

Comments