An update that fixes a dangerous vulnerability in the widely used Flash Player software was released by Adobe this week.
A flaw within the online video and animation software was being exploited by criminals on Windows, Apple and Linux computers, and was widely criticized by security experts.
Adobe are also looking in to claims that that there is a second flaw being exploited by an underground hacking kit, that is being sold to criminals.
Gangs and individuals can reportedly gain access to a user’s computer using the kit, which works its way through the flaw in Adobe Flash Player. The kit then locks down aspects of the computer and demands a digital payment to reverse the process.
Flash Player has always been a prime target for hackers because it’s one of the most widely used pieces of software on the internet. Form web design to streaming video, nearly all web users will use some form of Flash each day,
Fortunately those that stay updated with the latest Flash Player versions are assured that they have nothing to worry about, and that the flaw is only present in outdated versions of the software, particularly those that use it in conjunction with the Internet Explorer web browser.
Windows based machines are reportedly the most vulnerable because the kit is bale to bypass a Microsoft anti malware measure, that blocked intruders from gaining access to memory data.
The exploit kit is called “Angler” and is said to be widely used by hackers and cyber-thieves, and is sold on the black market and dark web quite regularly. The malware is often distributed by dangerous web advertisements that force a user to download a file, and ironically sometimes pose as an Adobe Flash Player update. In other cases this is all done n the background without the victim even noticing.
One of its abilities is to seek out bank account details by scanning files. It can also further hijack online advertisements to inject further malware.
Adobe say their latest fix is not 100 percent fool-proof and they are hoping to release a further patch in the coming days.
Angler also works through vulnerabilities in Java.