News

Vulnerability in Flash was used to spread ransomware

By admin
Spread the love

The recently discovered zeroday in Flash, for which Adobe released a patch on Thursday, is used in Magnitude EK. This exploit kit is used, among other things, to distribute the Locky and Cerber ransomware.

Adobe announced on Wednesday that there is a critical vulnerability in Flash and released a patch on Thursday. The software maker also said that the zeroday, identified as CVE-2016-1019, was actively being abused. Security researchers at Proofpoint have now revealed that the vulnerability was used to infect computers with ransomware.

This would include Locky, a new ransomware variant that has made many victims in recent months. The Cerber ransomware that ‘talks’ to its victims is also distributed using Magnitude EK. The exploit code that uses the zeroday in the Flash Player would also be found in another exploit kit called Nuclear Pack. However, the zero-day would not have been used to spread malware through this tool for malicious parties.

Initially, Adobe stated that only users of Windows XP and Windows 7 were vulnerable, but the company later amended the warning. Windows 10 users were also vulnerable, but only if they were using an older version of the Flash Player. Adobe released a patch on Thursday that fixes the critical vulnerability. Systems that are not provided with the update remain vulnerable.

You might also like
News

Rumor: Apple is working on its own applications based on a large language model

News

EU Council determines position on security requirements for digital products

News

Samsung develops first GDDR7 chips, mentions bandwidths of up to 32Gbit/s per pin

News

Meta introduces open source language model Llama 2, works on PCs and phones

News

Logitech acquires stream controller maker Loupedeck

News

Anticheat FaceIT gets Linux version, enables Steam Deck support

Exit mobile version