Over the weekend a new Ransomeware type attack was discovered to leverage vulnerabilities in adobe Flash player. There are still MANY sites on the web that use this player. Game sites Video Streaming Sites, Etc. Flash has over one billion users, so odds are you are affected by this update.
Be certain not only your flash player is up-to-date but your Anti-virus, Malware detection, and (for those of you lucky enough) your UTM/Router software, and you can prevent this attack before it starts or in case of the UTM before it even enters your network.
This vulnerability applies to Windows, Mac, Linux, as well as Chrome OS. Adobe issued an emergency update to its Adobe Flash Player software 4-9-16 after researchers discovered a vulnerability that was being exploited to deliver ransomware (variants of Cerber ransomware). An attacker who successfully exploits this vulnerability can execute remote code and potentially take over the system. Versions 220.127.116.11 and before are vulnerable. Although it is exploited in the wild, a mitigation that was introduced in the Flash Player 18.104.22.168 prevents the exploitation of this vulnerability. The exploits are confusing as usual. However, it is clear to see the attempts to exploit this vulnerability.
* Adobe Flash Player before 22.214.171.1248 and 19.x and 20.x before 126.96.36.199 on Windows and OS X and before 188.8.131.524 on Linux, Adobe AIR before 184.108.40.206, Adobe AIR SDK before 220.127.116.11, and Adobe AIR SDK & Compiler before 18.104.22.168. Adobe Flash Player and AIR are prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions.
* Adobe Flash Player after 22.214.171.1248 and 19.x and 20.x after 126.96.36.199 on Windows and OS X and after 188.8.131.524 on Linux, Adobe AIR after 184.108.40.206, Adobe AIR SDK after 220.127.116.11, and Adobe AIR SDK & Compiler after 18.104.22.168
Adobe Flash Player and AIR are prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions.}}
As a precaution, we suggest you update your Adobe Flash Player (Shockwave Flash Plugin). In addition, we also recommend you institute an effective and suitable network Anti-Virus/Malware protocol For your business, if you haven’t already. For top security, run multilayer scanning and cleaning, as a layered approach is the best way to keep threats off your computer networks.
We’d hate to see your computer network compromised.
Here at Queen City Business Networks we’re here to help keep you protected and informed about the latest issues. Your peace of mind and business function is important to Us.
George J. Gingras <><
Senior Network Engineer
Queen City Business Networks, LLC.
859-525-9898 – Office
Using What We Know To Help Your Business Grow