The Adobe Flash plugin has been found to be one of the most popular targets for software exploits as security experts have identified that it is used in seven exploit kits. Continue reading to learn more about the security weaknesses and exploits of this software in the past and present.
Adobe Flash Is Still Popular Among Exploit Kits
Adobe Flash is one of the most software that is used by the majority of the desktop computer users. Its popularity unfortunately has also made it a major target for computer hackers. Security researchers from the Recorded Future Cyber Threat Intelligence Unit have revealed some data about the security weaknesses of Adobe Flash as a whole.
According to their research the popular plugin accounts for six of the top 10 vulnerabilities that have been used by exploit kits in this year alone. In comparison with 2015 its popularity remains even after Adobe increased the company’s security mitigation efforts.
The primary source of infections and vulnerability exploits are caused by Adobe (Flash Player) and Microsoft products such as the Windows operating system, the Internet Explorer browser and the Silverlight plugin. This year the security threats that have dominated the security incidents are mainly to infect computer networks and machines with ransomware and recruit them to malicious botnets. A large number of these attacks are made through software vulnerabilities, in many cases with the help of exploit kits which rely on bugs in software such as Adobe Flash. The most popular kits that are currently used in attack campaigns include RIG, Sundown and Neutrino.
There is a problem with both large organizations and individual users. Not everyone does timely software updates which fix the often found security weaknesses in the program. A setting “click to play” can be set which activates the Adobe Flash embedded code only upon user interaction with it which prevents some of the exploits that are used against computer owners.
The security experts also recommend that web users use the Google Chrome web browser as it automatically updates the built-in Flash implementation. In the latest versions of the browser it also defaults to HTML5 players when this is possible. Ad blockers and anti-spyware utilities should be used to prevent browser hijackers, malicious ads and dangerous scripts from running.
As the Adobe Flash plugin is used mainly to break in a computer system and we know that the hackers are usually after sensitive files, it is recommended that all important files are backed to a secure location that is not used on the computer.
For more information you can read their full report here.