Email
Password
Remember meForgot password?
    Log in with Twitter

article imageAdobe: Patch Flash now to prevent hackers accessing your PC

By James Walker     Mar 11, 2016 in Technology
Adobe has released a critical security update for its Flash media player across all supported platforms. It includes a patch for a gaping security hole being actively exploited by hackers, the latest in a long line of problems with the aging plugin.
The update is known as APSB16-08 and was released on March 10 for Windows, Mac, Linux, Google Chrome, Internet Explorer and Microsoft Edge. Browsers should receive the update automatically but users on older platforms may need to manually download the new version.
In a security bulletin on the issue, Adobe said the update addresses "critical vulnerabilities that could potentially allow an attacker to take control of the affected system." Twenty-three different issues are patched in the update, one of which "is being used in limited, targeted attacks."
Bug CVE-2016-1010 is an integer overflow vulnerability that can cause Flash to crash and provide attackers with an entry point to the system. They could remotely execute their own code, gaining control of the user's computer. This exploit is being used by hackers and could affect any user of an unpatched version of Flash.
The vulnerability was discovered by Kaspersky Labs. Adobe hasn't disclosed details but a representative of the security firm said to Ars Technica: " Today Adobe released the security bulletin APSB16-08, crediting Kaspersky Lab for reporting CVE-2016-1010. The vulnerability could potentially allow an attacker to take control of the affected system."
Adobe urges all Flash users to install the new update as soon as possible. The majority of issues have been given a "critical" severity rating, the highest possible, and pose a serious threat if left unpatched.
People with Flash installed on their computer should also consider whether they still need the software installed. Many major websites have now moved away from the aging and insecure technology in favour of more modern alternatives. Users may find they can continue to access their usual sites with the plugin removed.
Adobe's latest update is by no means the first emergency patch it has had to issue. Flash has been plagued by security problems for years, leading some security experts to advise web users stay away from it entirely.
A similar issue to CVE-2016-1010 was reported last October. A flaw allowed hackers to gain complete control of a target computer, a recurring theme in Flash vulnerabilities. As with the latest discovery, it affected all supported platforms and versions.
Users shouldn't need to put up with these issues for much longer. A recent report predicted that Flash may be virtually eradicated online by 2018 as faster and safer technologies, integrated directly into web browsers, roll out across the Internet. Even Adobe has begun to distance itself from Flash as security experts, web developers and consumers have become increasingly frustrated with the once-popular technology.
More about Adobe, Flash, Adobe Flash, Vulnerability, Hack
 
Latest News
Top News