Home / / Hackers exploit unpatched Adobe Flash bug

Hackers exploit unpatched Adobe Flash bug

A vulnerability in Adobe's Flash player may affect as many 92% of all Windows PC users

Hackers exploit unpatched Adobe Flash bug
The exploit has been detected on thousands of malicious or compromised websites, according to anti-virus vendors.

Ninety-two percent of all Windows users are vulnerable to a bug in Adobe’s Flash player, that can allow hackers to launch ‘drive-by’ attacks from infected websites, according to a Danish security company.

The critical bug, which effects Adobe’s Flash Player, Acrobat and Reader applications, apparently came to light at the end of last year, although attacks that exploit the vulnerability have only recently been seen ‘in the wild’.

Initial attacks used the bug in Flash to insert a malicious PDF onto a users PC. In some cases this has resulted in the user’s system locking up, with malicious code then executed on the computer, although the purpose of this is unknown.

The exploit has been detected on thousands of malicious or compromised websites, according to anti-virus vendors.

Acrobat and Reader are also vulnerable to the exploit as they include a function to handle Flash content embedded in PDF files

Adobe has said that it will release patches to solve the problem, with a Flash patch due on 30th July 30, and fixes for Reader and Acrobat one day later.

In the meantime, Adobe is advising users to delete or disable the vulnerable component in the application. For further instructions see the .

Secunia reported the vulnerable Flash Player 10 on the PCs of 92% of its 900,000 users, with version 9, which is also vulnerable on a 31% of all PCs. Abode Acrobat 9.1.2 was present on 2% of machines and Adobe Reader 9.1.2 was found on 48%.

Follow us to get the most comprehensive IT solutions delivered fresh from our social media accounts on Facebook, Twitter, Youtube, and listen to our Weekly Podcast. Click here to sign up for our weekly newsletter on curated technology news in the Middle East and Worldwide.

REGISTER NOW | Webinar Event | Security you can bank on – Safeguarding the Middle East’s financial sector

Presented in partnership with security and network specialist Cybereason, the second in the three part webinar series will bring together a panel of experts to discuss how banks and financial institutions are evolving their service offering while simultaneously staying one step ahead of the cyber criminals who seek to bring their operations crashing to the ground.

CHANNEL AWARD 2018