Saturday, December 16, 2017

A “critical” security issue in Adobe Flash Player is putting computer users at risk.

The vulnerability is being exploited by a group called BlackOasis, which is using Microsoft Office “lure documents” to attack people all over the world, including in the UK.

Adobe has acknowledged the issue and released a security update for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. 

The problem, which was discovered by Kaspersky Labs’ Anton Ivanov, has once again put Flash in the spotlight.

The software is being killed off in 2020, but for many that date can’t come soon enough. 

It has become less and less useful over the years, but is constantly being exploited by cyber criminals, who keep finding security holes that they can use to attack users.

This latest unwelcome incident has renewed calls for people to completely disable it.

“After installation, the malware establishes a foothold on the attacked computer and connects to its command and control servers located in Switzerland, Bulgaria and the Netherlands, to await further instructions and exfiltrate data,” explained Kaspersky Lab.

Adobe has described the issue as “a critical type confusion vulnerability”, which means cyber criminals could use it to infect victims with malware without them realising.

“Adobe is aware of a report that an exploit for CVE-2017-11292 exists in the wild, and is being used in limited, targeted attacks against users running Windows,” it said.

Kaspersky recommends disabling Flash Player, in order to stay protected.

“The attack using the recently discovered zero-day exploit is the third time this year we have seen FinSpy distribution through exploits to zero-day vulnerabilities,” Anton Ivanov added. 

“Previously, actors deploying this malware abused critical issues in Microsoft Word and Adobe products. We believe the number of attacks relying on FinSpy software, supported by zero day exploits such as the one described here, will continue to grow.”