By Christopher Budd
Recently, we learned of a new problem affecting Adobe’s Flash product. This is a serious situation that affects nearly everyone using Microsoft Windows. Because of that, here’s what you need to know and, most importantly, what you should do about it.
What’s the problem?
The problem is that there’s a newly discovered vulnerability affecting Adobe’s Flash product on Microsoft Windows. This vulnerability or flaw can be used by attackers to run code or programs on your Windows computer as if you ran it. Anything you can do on your computer the attacker’s program can do. In a worst case like this, they can load malware on your computer.
Vulnerabilities are found all the time. But usually vulnerabilities are fixed with a patch when they’re found, before attackers can target them. As long as you keep your system up-to-date, you’re protected against most vulnerabilities. What makes this situation serious is that researchers, including our TrendLabs researchers, have discovered that attackers found this vulnerability first and have been attacking it before a patch is available: this kind of situation is called a “zero-day” situation, because defenders have “zero days” to protect against attacks. This means even if you keep your system up-to-date, you’re still at risk of attack until Adobe releases a patch.
What makes this situation more serious is that the attacks we’ve seen are using banner ads (called “malvertisements”) to spread malware. This means that you can go to trusted sites you expect to be safe and still get malware on your system. These attacks work by attackers targeting and compromising the third-party ad servers that offer the ads you see on legitimate and popular sites. This is a particularly nasty form of attack, one that puts average users at great risk.
The situation is even more serious because this vulnerability is being used by what we call an “exploit kit”: a tool that cyber-criminals make and sell to other cyber-criminals so they can carry out attacks. An exploit kit spreads attacks much more widely. This particular vulnerability is being used in the “Angler” exploit kit.
Taken all together, this means that this is a vulnerability that can be widely attacked. It’s a potentially very serious situation that everyone running Microsoft Windows should be aware of.
What should I do about it?
We say the two most important things you can do to protect your system when you’re online is:
In this case, because it’s a zero-day situation, step #1 won’t protect you. We’re still waiting for a patch from Adobe for this.
But step #2 can protect you. As of now, Trend Micro customers running Trend Micro™ Security, Worry-Free™ Business Security, OfficeScan™, Deep Discovery, Deep Security and the Smart Protection Suites are protected against current attacks using this vulnerability.
When Adobe does release a patch, you should apply it to your systems as soon as possible.
Right now, there’s no indication that attackers are targeting Adobe Flash on other platforms like the Mac or Android. If you use these platforms, though, you should make sure you’re running security software and apply any patches from Adobe as soon as possible.