Over the weekend a new Ransomeware type attack was discovered to leverage vulnerabilities in adobe Flash player. There are still MANY sites on the web that use this player. Game sites Video Streaming Sites, Etc. Flash has over one billion users, so odds are you are affected by this update.
Be certain not only your flash player is up-to-date but your Anti-virus, Malware detection, and (for those of you lucky enough) your UTM/Router software, and you can prevent this attack before it starts or in case of the UTM before it even enters your network.
This vulnerability applies to Windows, Mac, Linux, as well as Chrome OS. Adobe issued an emergency update to its Adobe Flash Player software 4-9-16 after researchers discovered a vulnerability that was being exploited to deliver ransomware (variants of Cerber ransomware). An attacker who successfully exploits this vulnerability can execute remote code and potentially take over the system. Versions 18.104.22.168 and before are vulnerable. Although it is exploited in the wild, a mitigation that was introduced in the Flash Player 22.214.171.124 prevents the exploitation of this vulnerability. The exploits are confusing as usual. However, it is clear to see the attempts to exploit this vulnerability.
* Adobe Flash Player before 126.96.36.1998 and 19.x and 20.x before 188.8.131.52 on Windows and OS X and before 184.108.40.2064 on Linux, Adobe AIR before 220.127.116.11, Adobe AIR SDK before 18.104.22.168, and Adobe AIR SDK & Compiler before 22.214.171.124. Adobe Flash Player and AIR are prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions.
* Adobe Flash Player after 126.96.36.1998 and 19.x and 20.x after 188.8.131.52 on Windows and OS X and after 184.108.40.2064 on Linux, Adobe AIR after 220.127.116.11, Adobe AIR SDK after 18.104.22.168, and Adobe AIR SDK & Compiler after 22.214.171.124
Adobe Flash Player and AIR are prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions.}}
As a precaution, we suggest you update your Adobe Flash Player (Shockwave Flash Plugin). In addition, we also recommend you institute an effective and suitable network Anti-Virus/Malware protocol For your business, if you haven’t already. For top security, run multilayer scanning and cleaning, as a layered approach is the best way to keep threats off your computer networks.
We’d hate to see your computer network compromised.
Here at Queen City Business Networks we’re here to help keep you protected and informed about the latest issues. Your peace of mind and business function is important to Us.
George J. Gingras <><
Senior Network Engineer
Queen City Business Networks, LLC.
859-525-9898 – Office
Using What We Know To Help Your Business Grow