Active CyberCriminal attacks are occurring that exploit a zero-day flaw in the Windows version of the Adobe Flash to install ransomware.
Security experts are warning all Adobe Flash users to either update Adobe Flash, or uninstall the browser plug-in software if you don’t use it. Recent versions of Flash for Mac OS X, Linux, and Google ChromeOS are also at risk.
Adobe has released updated versions of Flash that fix the flaw, which has been named “CVE-2016-1019”.
Adobe states: “Adobe is aware of reports that CVE-2016-1019 is being actively exploited on systems running Windows 10 and earlier with Flash Player version 184.108.40.2066 and earlier.”
Adobe’s latest Flash update includes fixes for 24 flaws. Adobe reports that many of the fixed flaws are considered “critical vulnerabilites” that “could potentially allow an attacker to take control of the affected system”.
The latest (fully-patched) version of the Flash Player Desktop Runtime is 220.127.116.11. Adobe recommends all users upgrade immediately.
Remember to install updates regularly. Updates plug known security holes that could be putting your computer system (and your business!) at risk!