Skip to content
All articlesSecurity

Adobe Flash Compromised - Latest Security Concerns

Adobe Flash Compromised, Stay up to date with our blogs about Azure, SCCM, VMware and HyperV.

18 Dec 2018Updated12 Apr 20262 min read
Adobe Flash Compromised - Latest Security Concerns

Adobe Flash compromised

Help Sign

Adobe Flash Vulnerability Compromises Cybersecurity

Adobe officials have confirmed that a critical vulnerability has been discovered in Flash version 19.0.0.207, which was just released on Tuesday. Security researchers warn that this vulnerability, identified as CVE-2015-7645, is being exploited by attackers to surreptitiously install malware on end-users’ computers, even in fully-patched versions of the software.

Zero-Day Exploits

The critical security flaw is reportedly being used exclusively by Pawn Storm, a group that is targeting only government agencies as part of a broader, long-running espionage campaign. However, it’s common for these kinds of zero-day exploits to be distributed more widely once the element of surprise has waned. The vulnerability has been found in Flash versions 19.0.0.185 and 19.0.0.207, as well as potentially earlier versions. At present, no further technical details are available.

Recent Attacks

In the most recent attacks, links were sent via email that purported to contain information on current events. These URLs hosted the exploit, leading users to download the malware without realizing it. The following topics were used as bait in these attacks: • “Suicide car bomb targets NATO troop convoy Kabul” • “Syrian troops make gains as Putin defends air strikes” • “Israel launches airstrikes on targets in Gaza” • “Russia warns of response to reported US nuke buildup in Turkey, Europe” • “US military reports 75 US-trained rebels return Syria”

How to Stay Safe

In light of this vulnerability, it’s essential to take steps to stay safe while using Flash. First, ensure that you have updated to the latest version of Flash Player to reduce the risk of an attack. It’s also important to avoid clicking on links or downloading attachments from suspicious emails or websites. If you receive an email with an unsolicited link or attachment, delete the message immediately. Finally, consider disabling Flash altogether, particularly if you don’t use it often.

Conclusion

The recent discovery of a critical security flaw in Adobe Flash is a cause for concern, particularly as attackers have already been exploiting it in targeted attacks. As such, it’s essential to stay vigilant and take steps to protect yourself against this and other vulnerabilities. By staying up-to-date with the latest software updates, being wary of suspicious emails and attachments, and disabling Flash if necessary, you can help ensure that your computer remains secure.

About the author
Mark Smith - Co-Founder, SmiKar Software

Mark Smith co-founded SmiKar Software in 2015 and has spent the past decade helping organisations solve Microsoft 365 data management challenges. He works with the SmiKar team to build solutions for SharePoint archiving, storage optimisation, governance and compliance, supporting customers from growing businesses through to Fortune 500 enterprises.

More about SmiKar

Ready when you are

Cut your Microsoft 365 storage bill - keep your data in your tenant.