With Adobe releasing their monthly security patches including Flash Player, they confirmed a major security vulnerability that impacts all versions of Flash for Windows/Mac/Linux. Yes…ALL versions. The security vulnerability has been used by a limited amount of hackers that are crashing computers or taking full control of them.
“A critical vulnerability (CVE-2015-7645) has been identified in Adobe Flash Player 18.104.22.168 and earlier versions for Windows, Macintosh and Linux,” Adobe wrote in a security bulletin posted to its website. “Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system.”
Adobe has said it hopes to have an updated patch available next week. Hope is a tricky word.
The vulnerability was identified by Trend Micro which stated:
“Trend Micro researchers have discovered that the attackers behind Pawn Storm are using a new Adobe Flash zero-day exploit in their latest campaign,” “Pawn Storm is a long-running cyber-espionage campaign known for its high-profile targets and usage of the first Java zero-day we’ve seen in the last couple of years.”
Resolution? Uninstall Flash until Adobe resolves their issues, hopefully faster than they entail. If Sierra is protecting your network with our Next Generation Managed Firewall solution, you can disregard this message. Contact our Sales@SierraExperts.com to find out how Sierra can secure you against these and other types of threats proactively.