At CVE Details there are currently 713 Adobe Flash Player Security Vulnerabilities across all different versions. More than 20 reported since the beginning of this year alone… of which 19 are rated with a score of HIGH (10)–the highest risk rating from the Common Vulnerability Scoring System.
But it’s not going to happen to you or your company right?
Well, hold on… Do your employees ever visit Yahoo News, Sports or Finance sites while at work on the corporate network?
You might not want to admit it but they do…
Did you know that for 7 days starting July 28th, bad actors used Yahoo’s ad network to compromise computers with outdated Adobe Flash? Hackers bought ads across Yahoo’s News, Finance and Sports sites and when a computer running Windows and an outdated version of Adobe Flash visited the site they were compromised. Then the hackers held the computers for ransom or redirected them to websites that paid the hackers for the traffic. (more)
According to Malwarebytes who found the issue “Malvertising is a silent killer because malicious ads do not require any type of user interaction in order to execute their payload. The mere fact of browsing to a website that has adverts (and most sites, if not all, do) is enough to start the infection chain.”
Our NetWatcher customers know when they have users on the network with outdated software such as Adobe Flash and can upgrade the assets before they get attacked.