Skip to main content

Flash Player Continues To Get Bombarded By Attacks

By June 2, 2016March 2nd, 2023Blog, Cybersecurity

flash_player_continues_to_get_bombarded_by_attacks-There seems to be no end of trouble for the beleaguered Flash Player and those who use it. Not long ago, yet another critical security flaw was found in the player, designated as CVE-2016-4117 by security researchers at FireEye. As is generally the case with zero-day exploits like this one, Adobe responded almost immediately with a patch. The problem, however, is that less than two weeks after the details of the exploit were published, a malware researcher spotted the exploit in an exploit kit called “Magnitude.” That’s problematic because Magnitude is one of the most popular exploit kits in the hacking community.

An exploit kit is a web-based attack tool that contains a bundle of several known exploits for web browser plugins (like Flash). The hackers who make these kits don’t really care whether the exploit in question has been patched or not, because they understand people, and they know that the odds are excellent that a high percentage of people who use Flash won’t bother to keep up with the latest security patches. In short then, they know that they can infect tens of thousands (or more) machines, quickly and easily, even in cases where a patch has already been issued.

This latest discovery is noteworthy mostly because of the speed and efficiency with which the exploit was included in a kit. The hacking community is proving quite adept at responding to new information and building new exploits into their tool sets almost as fast as they are discovered.

If you’re not sure whether or not you use Flash at your company, find out. If you use it, make sure you’re protected by the latest security patch. There are widely available tools that make it easy to use against you if you don’t keep up with the latest updates.

If you’re feeling a bit overwhelmed by it all, contact one of our seasoned experts and we’ll be happy to assess the risks for you and your company.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.