-
Tips for becoming a good boxer - November 6, 2020
-
7 expert tips for making your hens night a memorable one - November 6, 2020
-
5 reasons to host your Christmas party on a cruise boat - November 6, 2020
-
What to do when you’re charged with a crime - November 6, 2020
-
Should you get one or multiple dogs? Here’s all you need to know - November 3, 2020
-
A Guide: How to Build Your Very Own Magic Mirror - February 14, 2019
-
Our Top Inspirational Baseball Stars - November 24, 2018
-
Five Tech Tools That Will Help You Turn Your Blog into a Business - November 24, 2018
-
How to Indulge on Vacation without Expanding Your Waist - November 9, 2018
-
5 Strategies for Businesses to Appeal to Today’s Increasingly Mobile-Crazed Customers - November 9, 2018
BetaNews: Adobe recognizes major Flash vulnerability, will patch it today
Exploit kits are Web-based attack tools that leverage vulnerabilities in browser plug-ins like Flash Player, Adobe Reader, Java or Silverlight to install malware on computers.
Advertisement
The firm said in an advisory that the flaw (CVE-2015-5119) had been identified in Flash Player 18.0.0.194 and earlier for Windows, Mac and Linux and could cause a crash and allow an attacker to take over an affected system. And, sure enough, it appears that virus writers are already using the security flaw to deliver cryptolocker software, which encrypts a users’ data and demands payment to unlock it, on to unsuspecting computers.
Sunday’s breach sent hundreds of gigabytes of Hacking Team’s internal data coursing into the public domain.
“A separate attack against one of these vulnerabilities shows that not sharing the discovery of vulnerabilities with the vendor or broader security community leaves everyone at risk”, argued Trend Micro global threat communication manager, Christopher Budd.
But the leak also included the code for much of the company’s hacking software, and now virus writers are incorporating the code into their own malware. In the bulletin, the company notes that it is aware of the vulnerability and plans to patch it later today. However, it is not clear whether or not the Hacking Team have discovered a new way to use this exploit. The analysis of the vulnerability indicates that a fully-patched Flash installation is remotely exploitable by loading a vulnerable or specially crafted file. “This data will provide fuel to privacy organizations to ask hard questions of government agencies around the world”. That’s because a sophisticated “zero-day” exploit stolen from Hacking Team has now been released into the wild.
Advertisement
Schaake asked of the commission whether it believed that the company “has violated European Union sanctions regimes”.