Adobe FLASH Type Confusion Vulnerability

Ransomware-Malware

Over the weekend a new ransomware-type attack was discovered that leverages vulnerabilities in Adobe Flash Player. There are still MANY sites on the web that use this player: game sites, video streaming sites, etc. Flash has over one billion users, so odds are you are affected by this update.

Be certain that not only your Flash Player is up to date but also your anti-virus, malware detection, and (for those of you lucky enough to have one) your UTM/router software. That way you can prevent this attack before it starts or, in the case of the UTM, before it even enters your network.

This vulnerability applies to Windows, Mac, Linux, and Chrome OS. Adobe issued an emergency update to its Adobe Flash Player software on 4-9-16 after researchers discovered a vulnerability that was being exploited to deliver ransomware (variants of Cerber ransomware). An attacker who successfully exploits this vulnerability can execute code remotely and potentially take over the system. Versions 21.0.0.197 and before are vulnerable. Although the vulnerability is being exploited in the wild, a mitigation that was introduced in Flash Player 21.0.0.182 prevents its exploitation. The exploits are confusing as usual; however, the attempts to exploit this vulnerability are clear to see.

Vulnerable Systems:
 * Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204.  Adobe Flash Player and AIR are prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions.

Immune Systems:
 * Adobe Flash Player after 18.0.0.268 and 19.x and 20.x after 20.0.0.228 on Windows and OS X and after 11.2.202.554 on Linux, Adobe AIR after 20.0.0.204, Adobe AIR SDK after 20.0.0.204, and Adobe AIR SDK & Compiler after 20.0.0.204
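The version statements above can be turned into an inventory check; the following is an added example, not part of the original advisory. It reports the "Vulnerable Systems" list and the emergency-update statement (21.0.0.197 and before, mitigation from 21.0.0.182) as separate findings. The host names, installed versions, and finding labels are constructed for illustration.

```python
# Added example: thresholds are quoted from this page; inventory rows are constructed.

def parse(version):
    """'20.0.0.228' -> (20, 0, 0, 228): compare numerically, never as strings."""
    return tuple(int(part) for part in version.strip().split("."))

EMERGENCY_MAX = parse("21.0.0.197")   # "Versions 21.0.0.197 and before are vulnerable"
MITIGATION_MIN = parse("21.0.0.182")  # build the page credits with a mitigation

def in_vulnerable_list(product, platform, version):
    """True if the version falls inside the page's 'Vulnerable Systems' list."""
    v = parse(version)
    if product == "air":                  # AIR, AIR SDK, AIR SDK & Compiler
        return v < parse("20.0.0.204")
    if platform == "linux":
        return v < parse("11.2.202.554")
    if v[0] in (19, 20):                  # Windows / OS X, 19.x and 20.x branches
        return v < parse("20.0.0.228")
    return v < parse("18.0.0.268")        # Windows / OS X, 18.x and older

def assess(product, platform, version):
    """Return finding labels (hypothetical names) for one installed product."""
    findings = []
    if in_vulnerable_list(product, platform, version):
        findings.append("in-vulnerable-list")
    if product == "flash" and parse(version) <= EMERGENCY_MAX:
        findings.append("needs-emergency-update")
        if parse(version) >= MITIGATION_MIN:
            findings.append("mitigation-present")
    return findings

# Constructed inventory: (host, product, platform, installed version)
INVENTORY = [
    ("ws-01", "flash", "windows", "20.0.0.228"),
    ("ws-02", "flash", "windows", "9.0.124.0"),
    ("mac-01", "flash", "osx", "21.0.0.182"),
    ("lin-01", "flash", "linux", "11.2.202.540"),
    ("ws-03", "air", "windows", "20.0.0.204"),
    ("ws-04", "flash", "windows", "21.0.0.200"),
]

def report(inventory=INVENTORY):
    """Map each host with at least one finding to its findings."""
    found = {host: assess(p, plat, v) for host, p, plat, v in inventory}
    return {host: f for host, f in found.items() if f}

if __name__ == "__main__":
    for host, findings in report().items():
        print(host, ", ".join(findings))
```
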

As a precaution, we suggest you update your Adobe Flash Player (Shockwave Flash Plugin). In addition, we recommend you institute an effective and suitable network anti-virus/malware protocol for your business, if you haven’t already. For top security, run multilayer scanning and cleaning, as a layered approach is the best way to keep threats off your computer networks.

We’d hate to see your computer network compromised.

Here at Queen City Business Networks we’re here to help keep you protected and informed about the latest issues. Your peace of mind and business function are important to us.

George J. Gingras <><
MA-IS,MCP,MCSA,MCDBA,MCSE
Senior Network Engineer
Queen City Business Networks, LLC.
859-525-9898 – Office

Using What We Know To Help Your Business Grow
