Tech experts and even many regular consumers have become aware that Adobe Flash Player isn’t as secure as users want it to be. Now, a recent report shows that it’s way more dangerous than people have originally thought.
The security department of NTT Group, the largest telecommunication services provider in Japan, went through their historical records and found out that Adobe Flash Player was the most affected technology in terms of exploit kits in 2015. In fact, during that time, the top 10 vulnerabilities attacked through exploit kits belonged to Adobe Flash Player. These vulnerabilities are CVE-2015-0311, CVE-2015-0313, CVE-2015-0336, CVE-2015-0359, CVE-2015-2419, CVE-2015-3090, CVE-2015-3105, CVE-2015-3113, CVE-2015-5119, and CVE-2015-5122.
This is a new development since the top spot used to be occupied by Java, which was the most targeted technology in 2012, 2013, and 2014. However, Java released major security updates two years ago, making it more difficult for hackers to get into its systems. Because of this, hackers have turned their attention to Flash because of its unprotected vulnerabilities, wreaking havoc and causing numerous security breaches along the way.
NTT’s finding is supported by Symantec’s report for 2015. The cyber-security provider found out that there was a 125 percent increase in the total number of zero days last year. (Zero days are vulnerabilities that vendors aren’t aware of and are exploited by hackers). Symantec also found out that four of the top five zero days and 17 percent of all the zero days belonged to Adobe Flash Player.
To be fair, Adobe is doing everything to prevent zero days and protect its users from hackers. Early in April, for example, the provider released a security advisory informing the public about the critical vulnerability CVE-2016-1019 (which affected those who were using Adobe Flash Player 18.104.22.168 and earlier versions) and encouraging users to update to Adobe Flash Player 22.214.171.124 or to later versions.
But it’s important to note that the software provider can’t protect everybody on its own. Users should also do their part in protecting their computers and keeping hackers away from their systems. One thing they can do is to regularly update Adobe Flash Player and other software; this way, they can download the latest security patches and minimize the risks of exploitation.
Installing ad blockers and anti-malware programs is also recommended since many exploit kits use malvertising campaigns. One example is CVE-2016-1019, which dupes users into viewing suspicious online ads and visiting infected websites. Once they open these sites, hackers will use the vulnerability to download ransomware, which allows them to lock out the users from their own computers. Hackers will demand a ransom, which users must pay if they want to regain the use of their PC.
Every techie needs a pair of sick headphones. Neurogadget recommends these Audio Technica Professional Studio Monitor Headphones for both their quality and their cool-factor.