Adobe Systems Inc warned on Monday that hackers are exploiting vulnerabilities in its Flash multimedia software platform in web browsers, and the company urged users to quickly patch their systems to prevent such attacks.
The warning came after cyber security firm Kaspersky Lab Inc said a group it was tracking, BlackOasis, used the previously unknown weakness on Oct. 10 to plant malicious software on computers before connecting them back to servers in Switzerland, Bulgaria and the Netherlands.
Kaspersky said the malware, known as FinSpy or FinFisher, is a commercial product typically sold to nation states and law enforcement agencies to conduct surveillance.
Kaspersky said its assessment of BlackOasis shows it is targeting Middle Eastern politicians and United Nations officials engaged in the region, opposition bloggers and activists, and regional news correspondents with the latest version of FinSpy.
The company said victims have so far been observed in Russia, Iraq, Afghanistan, the United Kingdom, Iran and elsewhere in Africa and the Middle East.
Adobe said it had released a Flash security update to fix the problem, which affected Google’s Chrome and Microsoft’s Edge and Internet Explorer browsers as well as desktop versions.
Adobe said in July that by the end of 2020 it would retire its once-ubiquitous technology used to power most of the media content found online.
It was heavily criticized by late Apple CEO Steve Jobs, with alternatives such as HTML5 emerging in recent years and several web browsers now requiring users to enable Flash before running it.
On Google’s Chrome, the most popular web browser, Flash was used daily by 17 percent of desktop users, down from 80 percent in 2014, Google said at the time Adobe announced its retirement.
- Content orginally published at: https://www.cnbc.com/2017/10/16/adobe-systems-inc-warns-that-hackers-are-exploiting-its-flash-software.html
Ready to protect your data? What You Can Do:
- Immediately, install a FREE 30-day Trial of EZProtect Antivirus and connect it to your Salesforce org(s) to start scanning files, document uploads, or chatter for viruses or malicious content. Once this is complete, you will have a sense of how many files your organization scans per month and you will be well poised to convert to a paid plan.
- You may also download the full brochure with FAQs and schedule a demo to better understand how the tool works inside and outside of Salesforce by visiting www.adaptus.com/portfolio/ezprotect/