A new bug in Adobe Flash Player plugin allows hackers to plant malicious code into users PCs. Adobe Systems has issued a patch for this vulnerability. Identified as FinSpy or FinFisher (a. It then downloads the FinSpy payload and, upon execution, it displays a document designed to lure the victim to click on it. Today, October 18, Adobe released a patch. We recommend that you confirm any systems running Flash have the latest, patched version installed.
Adobe Systems Inc warned on Monday that hackers are exploiting vulnerabilities in its Flash multimedia software platform in web browsers, and the company urged users to quickly patch their systems to prevent such attacks.
The Flash Player 8 updates are included in the ZIP file. For instructions on how to update Flash Professional 8 and Flash Basic 8, read the technote. Download the Macromedia Flash Player 8 Update for Windows (ZIP, 17MB) Download the Macromedia Flash Player 8 Update for Macintosh (ZIP, 17MB) Flash Professional 8 FLVPlayback 1.0.1 Component Update. Individuals and organizations using Adobe Flash—especially those operating in business and government environments—are advised to download the security patch immediately in order to protect.
- Attackers are exploiting vulnerabilities in Adobe Flash to inflict malware on victim’s PC informed Adobe systems. The company said that malware is routed through web browsers and urged users to patch their PCs with the latest patch to stay secure.
- Adobe Flash Player Vulnerabilities Being Exploited, Says Company, Warns Users to Update. Known as FinSpy or FinFisher, is a commercial product typically sold to nation states and law.
The warning came after cyber security firm Kaspersky Lab Inc said a group it was tracking, BlackOasis, used the previously unknown weakness on Oct. 10 to plant malicious software on computers before connecting them back to servers in Switzerland, Bulgaria and the Netherlands.
Kaspersky said the malware, known as FinSpy or FinFisher, is a commercial product typically sold to nation states and law enforcement agencies to conduct surveillance.
Adobe Systems Inc warned on Monday that hackers are exploiting vulnerabilities in its Flash multimedia software platform in web browsers, and the company urged users to quickly patch their systems to prevent such attacks. Stock image
THE ATTACK
According to the researchers at Kaspersky Lab, the attack exploits a vulnerability in Adobe Flash to install the FinSpy malware (also known as FinFisher).
This is a commercial malware, and is typically sold to nation states and law enforcement to conduct surveillance, according to the security experts.
The group BlackOasis is said to be using it for targets around the world.
The malware has multiple anti-analysis techniques to make it more difficult to spot.
Once it’s been installed, the malware establishes a foothold on the attacked computer and connects to its command and control servers located in Switzerland, Bulgaria and the Netherlands.
Then, it awaits further instructions to gather data.
The company said victims have so far been observed in Russia, Iraq, Afghanistan, the United Kingdom, Iran and elsewhere in Africa and the Middle East.
Adobe says it has released a security update to fix the problem.
Kaspersky said its assessment of BlackOasis shows it is targeting Middle Eastern politicians and United Nations officials engaged in the region, opposition bloggers and activists, and regional news correspondents with the latest version of FinSpy.
The company said victims have so far been observed in Russia, Iraq, Afghanistan, the United Kingdom, Iran and elsewhere in Africa and the Middle East.
Adobe said it had released a Flash security update to fix the problem, which affected Google's Chrome and Microsoft's Edge and Internet Explorer browsers as well as desktop versions.
‘Adobe has released a security update for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS,' the company said on Monday.
Finspy Flash Patch Download
'This update addresses a critical type confusion vulnerability that could lead to code execution.
'Adobe is aware of a report that an exploit for CVE-2017-11292 exists in the wild, and is being used in limited, targeted attacks against users running Windows.’
Adobe said in July that by the end of 2020 it would retire its once-ubiquitous technology used to power most of the media content found online.
Share this article
It was heavily criticized by late Apple CEO Steve Jobs, with alternatives such as HTML5 emerging in recent years and several web browsers now requiring users to enable Flash before running it.
On Google's Chrome, the most popular web browser, Flash was used daily by 17 percent of desktop users, down from 80 percent in 2014, Google said at the time Adobe announced its retirement.
Kaspersky Lab Inc said a group it was tracking, BlackOasis, used the previously unknown weakness on Oct. 10 to plant malicious software on computers before connecting them back to servers in Switzerland, Bulgaria and the Netherlands. Stock image
Adobe, along with partners Apple Inc, Microsoft Corp, Alphabet Inc's Google, Facebook Inc and Mozilla Corp, said support for Flash will ramp down across the internet in phases over the next three years.
After 2020, Adobe will stop releasing updates for Flash and web browsers will no longer support it.
HISTORY OF FLASH
Created more than 20 years ago, Flash was once the preferred software used by developers to create games, video players and applications capable of running on multiple web browsers.
When Adobe acquired Flash in its 2005 purchase of Macromedia, the technology was on more than 98 percent of personal computers connected to the web, Macromedia said at the time.
Finspy Flash Patch Download Torrent
But Flash´s popularity began to wane after Apple´s decision not to support it on the iPhone.
In a public letter in 2010, late Apple CEO Steve Jobs criticized Flash's reliability, security and performance. Since then, other technologies like HTML5 have emerged as alternatives to Flash.
Flash Patch Floor
Created more than 20 years ago, Flash was once the preferred software used by developers to create games, video players and applications capable of running on multiple web browsers.
When Adobe acquired Flash in its 2005 purchase of Macromedia, the technology was on more than 98 percent of personal computers connected to the web, Macromedia said at the time.
But Flash´s popularity began to wane after Apple´s decision not to support it on the iPhone.