Adobe Archives

Adobe’s Emergency Patch against Ransomware

SecurityAdobe, Flash, securityOphtek, LLC

May 2016

Adobe’s Flash Player – no stranger to security concerns – has recently been forced into issuing an emergency patch to protect its users from ransomware.

Despite the repeated horror stories of Flash Player’s buggy and easily exploited software, it’s still used on a regular basis by a huge number of people. That’s why any vulnerability which comes to light can have an impact on millions of systems.

This time, it’s that contemporary marvel of security scares known as ransomware which is making the headlines again. So, to keep your systems protected, let’s see what we can learn from Adobe’s latest debacle.

Adobe’s Zero-Day Flaw

The vulnerability at the center of Adobe’s woes is known as a zero day flaw, but what does this mean? A zero-day flaw refers to a software vulnerability which is completely new and unheard of. Due to its unexpected emergence, the team behind the software then, quite literally, has zero days to prepare a response.

And it’s this level of precarious defense which means zero-day flaws can spread like wildfire and cause absolute mayhem.

In this particular instance, Flash Player was discovered to contain a memory-corruption vulnerability which allowed hackers to hijack user’s systems. To take remote control of user’s systems, the hackers employed the use of the Magnitude exploit kit.

Using Magnitude, hackers were then able to download ransomware software – such as Locky and Cerber – onto user’s systems. This ransomware was then primed to encrypt personal files and demand a ransom to unlock these files.

All versions of Flash Player up to version 21.0.0.197 have been affected. And it’s not just limited to systems running Windows – Macs, Linux and ChromeOS are all vulnerable as well.

The Emergency Patch

The threat was first discovered when security experts Proofpoint were investigating recent changes made to the Magnitude exploit kit. Once the magnitude of Magnitude had been established, Proofpoint swiftly contacted Adobe who was quick to rush out an emergency patch.

Thankfully, for Adobe, they had previously built in an exploit mitigation technique into Flash Player version 21.0.0.182, so this minimized the malicious impact of this zero-day flaw. However, you would be surprised by the amount of users who don’t update their software when prompted. As a result, a significant number of systems were compromised.

Once the emergency patch had been released, Adobe was also quick to advise all its Flash Player users to upgrade to the latest version. This would, hopefully, minimize the risk of further exploitations on older versions of the software.

Is Adode Safe?

This is a question which seems to get asked on a daily basis at present. And unfortunately for Adobe, things do not look great.

Hackers are clearly targeting Flash Player now and Adobe seems helpless in protecting its product. The knock on result of all this negative publicity is that PC manufacturers, such as Windows, are going to question whether it makes sense to bundle Flash Player with their products.

The key piece of information to take away from this article is that you should ALWAYS ensure all your software is up to date. This ensures you have the best protection possible against any potential security flaws.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Malware Spreading Through Adobe Flash Exploit

Office IT, SecurityAdobe, Flash, malwareOphtek, LLC

Nov 2014

Flash is common enough to be a prime target for malware. A new Adobe Flash exploit has been found allowing criminals to run malicious code.

Flash is susceptible to tampered files used to display multimedia, videos and animations while you are browsing the internet. This mainly affects desktops; however, it’s not an issue with servers since servers are less likely to have users on them browsing the internet.

Understanding the new Adobe Flash vulnerability

Taking a closer look at the cause for infections spreading through Adobe Flash, the risk usually lies in binary browser vulnerability within the .SWF files, where it is dropped by an undisclosed iframe.
Iframe is an inline frame. Back in the 90s, Microsoft came up with the idea for basic webpages to point to another page. This allowed a website to combine the content of its page with another. An iframe allows you to embed one site into another one seamlessly, with two different webpages displaying as one. Sounds like a great idea at the time, right?
It initially worked very well for Internet Explorer. What wasn’t foreseen was malware authors exploiting these iframe features.
This exploit affects only Internet Explorer users, which is why we urge everyone to use a more secure browser such as Firefox or Chrome.

What does this Malware vulnerability do?

The injected iframe may have something subtly embedded such as a single pixel within the SWF file.
It’s high risk to Internet Explorer Users, where the Iframe can identified by its negative absolute positioning and random number approach.
The usual behaviour from these types of files will eventually take you to a currently black-listed blank domain.
This, of course, could change at any time. It could pose as a spoof site, aiming to steal data or to install malware.

How to protect yourself

The solution is simple, stay on top of your Adobe Flash updates. This is very important, especially if you use your web browser to do online gaming, stream music, watch videos and animations, such as on YouTube, which nearly always uses Adobe Flash Player. By keeping updated with the latest Adobe updates, you’ll help to close down those vulnerabilities discussed above, and more.

It’s good news if your choice of browser is Google Chrome. Chrome automatically updates your browser to the latest version of Adobe Flash.

All Onsite PC Solution Managed Services clients are automatically protected during their monthly maintenance.

To learn how to update Adobe Flash, please see our article Here (https://www.ophtek.com/should-you-update-adobe-flash/)

Should You Update Adobe Flash?

Internet, Security, SoftwareAdobe, Flash, security, updateOphtek, LLC

Aug 2014

Adobe Flash player is an indispensable part of web browsing. Whether you’re watching Youtube videos, gaming online, or streaming videos, Adobe Flash will likely be necessary so be sure to keep it secure.

What is Adobe Flash?

According to Wikipedia:

Adobe Flash (formerly called Macromedia Flash and Shockwave Flash) is a multimedia and software platform used for creating vector graphics, animation, games and rich Internet applications (RIAs) that can be viewed, played and executed in Adobe Flash Player.

In other words, when you view multimedia through your web browser such as videos, music or animations, there is a good chance that it is using Adobe Flash.

What’s the risk?

The increased functionality flash player gives you also comes with risks. Flash player gives criminals almost as many opportunities to compromise your system as Java. If these risks are not addressed, you could be subject to exploits such as one that allows attackers to mimic a website to obtain your confidential information or even cause a denial of service by corrupting your memory.

Keeping your flash player updated to the latest version is the best way to plug these security holes that jeopardize your system. Fortunately, if you web browse with google chrome, your flash player is automatically updated.

How to update Adobe Flash player

1.) Go to Adobe’s website to check if you have the latest flash player installed.

Click Check Now to see if you have the the current version. If you do, congratulations. If you don’t….

2.) Go to the download link in step 2.

Click Download now to download the file. Before doing this, make sure NO extra programs are checked for you to download. Frequently, this will be McAfee as shown below:

Immediately uncheck the box next to Yes, install McAfee Security Scan Plus. You do NOT need this program, and it will make Windows run slower if you already have an antivirus program running.

3.) Follow the installation instructions on the download page.

4.) Enable Flash Player on your browser. The links for the instructions for each browser can be found on Adobe’s website.

5.) Verify if Flash Player is installed by checking the animation on Adobe’s website. If you see clouds moving, you have installed the player. If you don’t, try refreshing the page. If that still fails to produce moving clouds, go through the installation steps again.

For more information on this or other security issues affecting your PC, consult your local IT professional.

Tag Archives: Adobe