Flash Player, despite all of its positive qualities, also has some vulnerabilities. RecordedFuture recently looked deeper into the problem and found out that various con artists use those to attack PCs – something that they’ve been doing for quite a long time.
There are 10 vulnerabilities that can be considered to be on top of the list for different kinds of exploit kits. And 6 of them can be attributed to Flash Player. It doesn’t end there – one security flaw can potentially be compromised by at least 7 exploits.
But Flash Player is not the only thing that can lead to your computer being infected. Windows itself, Silverlight and Internet Explorer also have certain problems with their security, and exploit kits are very likely to try and abuse them. We should specifically point out the Internet Explorer’s flaw named CVE-2016-0189 – cybercriminals target this one most often.
Internet Explorer can be attacked by exploit kits like Magnitude, RIG, Sundown and Neutrino. Flash Player is endangered by Magnitude, Neutrino, RIG, Angler, Spartan and Nuclear Pack.
There’s also a flaw called CVE-2015-7645 which puts Windows under a great risk, as well as Mac and Linux. RecordedFuture’s research shows a humongous amount of kits that may try and exploit this one, and you can lose control of the system if that happens. We should also let you know that this was the very first zero-day exploit found after Adobe put new security mitigations into effect. And, since many exploits just couldn’t work on computers that had newer versions of Flash, CVE-2015-7645 was quickly made their primary target. The information that this very flaw was used by Pawn Storm (also known as Fancy Bear or APT28 which is a hacker group from Russia) can also be of interest.
The main thing you need to know is this – you have to keep the aforementioned pieces of software up-to-date. And, if you’re using a corporate computer, removing the affected programs is strongly advised. Unless, of course, they’re absolutely needed for completing your daily tasks. And it’s better to use Chrome instead of Internet Explorer because Google has Project Zero to keep track of everything that might be wrong with Flash Player. However, if you use Windows 10, you might give Edge a try, as Microsoft says that it’s a lot more secure than its predecessor.
RecordedFuture also provided us with a table that shows vulnerabilities that must be patched first if you want to make sure that your computer stays safe. You can check it out below. We advise you to never deny prompts to update Flash Player because it allows you to stay on top of everything and reduce the possibility of getting a system infection to a minimum.