Scam of the day – July 14, 2015 – More Adobe Flash problems and other security patches

As I wrote about previously, the recent hacking of the spyware company Hacking Team has exposed two new serious Adobe Flash vulnerabilities  that are already being exploited by hackers and identity thieves.  Anyone who uses Adobe Flash is in danger.  With its history of its vulnerabilities having been exploited by hackers for years, now may be a good time for people to consider disabling Adobe Flash and using other video software programs.  Some alternatives include LightSpark, Unity Web Player, GNU Gnash, and Silverlight.  Silverlight can be downloaded directly from the Microsoft website.

Below I will provide you with the latest security advisory from Adobe Flash although it should be emphasized that as I write today’s Scam of the Day there are no security patches yet available for the latest two discovered vulnerabilities in Adobe Flash.  However, there are security patches available for other problems with Adobe Flash that you should install if you are still using this program.  Also below you will find a link to the latest security update from the Department of Homeland Security with many critical security patches.

TIPS

Here is the link to the latest security advisory from Adobe:  https://www.us-cert.gov/ncas/current-activity/2015/07/11/Adobe-Flash-ActionScript-3-opaqueBackground-Use-After-Free

Here is the link to the latest security update alert from the Department of Homeland Security:  https://www.us-cert.gov/ncas/bulletins/SB15-194

 

Scam of the day – July 9, 2015 – Spyware company hacking leads to discovery of critical new Adobe Flash flaw

It was only a week ago that I told you about a critical vulnerability in the popular Adobe Flash software so many people use for viewing videos.  Now following the embarrassing hacking and data breach at the Italian spyware company Hacking Team which sells spyware to governments, it has been learned that among the 400 gigabytes of files, source code and emails stolen and made public was source code for Adobe Flash software that can be and has been exploited by hackers to take control of computers running Adobe Flash.  Unlike the previous Adobe Flash flaw, which was discovered by security company FireEye, which notified Adobe in timely fashion to enable them to produce a security update, the new flaw discovered by Hacking Team had been kept secret by them which allowed them to exploit the vulnerability with its own spyware.  Since the time of the making public of this software vulnerability, enterprising hackers have already started selling kits on black market websites to other hackers that enable them to hack into computers running Adobe Flash.   Everyone using Adobe Flash is extremely vulnerable to identity theft and having their computer data stolen.

TIPS

Adobe Flash has been a constant target of hackers and some people are just choosing to disable it and use other video viewing software.  Some alternatives include LightSpark, Unity Web Player, GNU Gnash, and Silverlight.  Silverlight can be downloaded directly from the Microsoft website.  Adobe Flash has just released a security patch to fix the flaw.  Here is a link to the critical security patch to fix your Adobe Flash software: https://www.us-cert.gov/ncas/current-activity/2015/07/08/Adobe-Releases-Security-Updates-Flash-Player