Adobe issued a warning: cybercriminals are taking advantage of the Flash 0 day vulnerabilities-vulnerability warning-the black bar safety net

2016-05-15T00:00:00
ID MYHACK58:62201674820
Type myhack58
Reporter 佚名
Modified 2016-05-15T00:00:00

Description

! As the title of this article, if the user in Windows, Mac, Linux, or Chrome OSoperating systemon the platform to install the Adobe Flash plugin, then the user will likely be subjected to hacker attacks. Adobe has released a security Bulletin and in the Bulletin to remind the user that the Flash Player software in the presence of a yet to fix a serious vulnerability. According to the security researchers of the analysis, cyber criminals are currently using this vulnerability to carry out attacks. However, Adobe does not currently have the outside world to provide for this a 0 day Vulnerability(CVE-2 0 1 6-4 1 1 7)detailed information. However, when we hear an attacker can use to not fix the vulnerability a malicious advertising campaign or watering hole attack, I believe that no one will on this and be amazed. Because the attacker can use a similar Angler Exploit Kit this infamous exploit tools to implement such an attack. No doubt we soon will be able to learn about this vulnerability detailed information. As Adobe puts it, the company also hope in this week of Flash software push security updates. At that time, we will be able to learn about this type of attack information, and the user is very likely in today's later able to receive a security patch update notification. Currently, we are only able to from Adobe published security Bulletin learned about this incident the General information, the Bulletin in part as follows: “Adobe Flash Player 21.0.0.226 and the previous version of the plugin there is a serious security vulnerability(CVE-2 0 1 6-4 1 1 7),Windows, Macintosh, Linux, and Chrome OSoperating systemplatform will be subject to this vulnerability. If an attacker can successfully exploit this vulnerability, not only will cause the target system to crash, the attacker may also get to the infected system control.” Obviously, in the computer system to deploy a layered defense system is very meaningful. The so-called layered defense system, further comprising periodically update your anti-virus software and some other tool software. In addition, this security event should also let the user have started to re-consider them with Adobe Flash to the relationship between. After all, in the past few years, Adobe Flash plug-in have been malicious attacks and security vulnerabilities plagued. Even if you're not ready to completely uninstall Flash, but you should also think about whether you need to open the browser in the“Click to Play(click to play)”function, because it can reduce you are hacking possibilities. ! When you enable“click to play”function after that, your browser won't display some of the potential malicious Flash content, unless you allow it to Auto Play or auto run. In other words, when you enable this function after the one containing the malicious code in Flash files is not performed unless give your consent. Otherwise, when you visit an infected website, the malicious code will automatically run. If you intend on your computer continue to use Flash, then you please ensure that the computer of the Flash plug-in version is the latest version. You can choose to open the Adobe Flash Auto-Update feature, but I found its Auto-Update feature is sometimes very slow, the new version is released, it may take a long time to receive the corresponding update notification. Of course, you can also manually update it. If you are on software version have questions, you can always check your installed Flash plug-in version and from Adobe official download page to download the latest version of the Flash plug-in. ESET company security analysis expert, Mark James to the majority of users provides the following recommendations: “Currently, there is still a lot of equipment to install the Adobe Flash plug-in. Many manufacturers are no longer using this software, because this software will cause very serious security problems. In fact, although many users on their computer to install this software, but they in the daily operation of the process will not be used to it, the user will be not going to learn about this software security risk. In our daily use, the need to ensure that the computer of all software is the latest version, if a software is you are not going to use, then make your best to uninstall it. In addition, regularly updating the networksecuritythe product also may be able to help you defend against hackers and malicious software attacks.” If you do not have Adobe Flash, you also don't have to be complacent, because the other vendor's software will also exist a large number of serious security vulnerabilities. For instance, just this week, Microsoft emergency issued a security patch to fix its Jscript and VBScript engines in the 0 day vulnerability. It is known that earlier there was an attacker use this vulnerability to the Korean users of the network attack.