The zero-day exploit has been used for spying and delivering ransomware
Still not safe
A vulnerability in the new Flash Player patch has been discovered within a week of it being released. The patch was supposed to fix a zero-day security issue. However, hackers managed to find a new way to exploit Flash Player.
What is the vulnerability used for?
The new version of Flash Player, 18.0.0.194, released on June 23, was supposed to fix a heap buffer overflow (CVE-2015-3113). It has been discovered that China-based cyber-attack group uses this vulnerability to spy on a number on organizations from an array of different sectors, including high tech engineering, construction, aerospace, transportation, telecommunication, and even defense. So imagine how easily it hackers can get into your personal computer and steal your credentials, as well as other information that they can use to their advantage.
Another thing that has been uncovered is that the Magnitude exploit kit is able to use Flash Player 18.0.0.160 on Internet Explorer 11 on Windows 7 to deliver malware. More specifically, it delivers the ransomware infection Cryptowall. This is a very serious infection that manages to encrypt all files on the victim’s computer and prevents them from using it properly. What is more, it demands a ransom be paid if the user wants to use their PC.
How Cryptowall infiltrates systems
The Magnitude exploit kit uses malicious SWF and FLV files to transfer Cryptowall onto computers. The audio codec responsible for this vulnerability, CVE-2015-3043, was supposedly patched in April. However, hackers have still managed to exploit the codec in order to deliver malware. It is precisely the heap overflow that is causing the problems. This vulnerability can be exploited by merely modifying the FLV file’s audio tag.
Don’t run outdated versions of Flash Players
Hackers love using software that has a large number of users to deliver malware. Another example of this is Java. It is constantly plagued by vulnerabilities. This makes it a lucrative target for cyber criminals. The same goes with Flash Player, as well as you can see. It takes some time for hackers to discover these vulnerabilities, so you can hope that Adobe is will address the issue before it has been exploited. It is important to keep your software up-to-date as fixes for such vulnerabilities are released constantly. We recommend updating Flash Player at once if you do not want your computer to be vulnerable. Keep in mind, that if your PC is running on Windows 8.x and you are using Google Chrome or Internet Explorer, then Flash Player will be automatically updated when a new patch is released. So you shouldn’t worry much in this case. However, if you are running on anything else, and you have Flash Player, then you should immediately go to Adobe’s website and download the latest version.
A lot of browsers nowadays have a click-to-play feature, which means that you can watch videos without Flash Player. If you consider it too much of a threat for your system, remove it. Do the same with any other software that you consider untrustworthy.