Results 1 to 8 of 8

Thread: Warning: Adobe Flash Player users!!

  1. #1
    Crazy Diamond
    Tiny's Avatar
    Join Date
    Dec 2010
    Location
    Tasmania
    Age
    64
    Posts
    6,391
    Thanks
    10,996
    Thanked 5,436 Times in 2,651 Posts
    Rep Power
    2156
    Reputation
    89057

    Exclamation Warning: Adobe Flash Player users!!

    Just got this email from Malwarebytes.

    Dear Tiny,

    Adobe issued an emergency update to its Adobe Flash Player software today after researchers discovered a vulnerability that was being exploited to deliver ransomware. Flash has over one billion users, so odds are you are affected by this update.

    But Malwarebytes proactively protected its millions of customers from this attack, blocking the ransomware before it could encrypt files.

    As a precaution, we suggest you update your Adobe Flash Player (Shockwave Flash Plugin). In addition, we urge you to consider installing both and for the layered protection that stops attacks like this from infecting your computer. Malwarebytes Anti-Exploit Premium blocks the exploit attempt, while Malwarebytes Anti-Malware Premium stops the ransomware execution (if Malwarebytes Anti-Exploit Premium is not installed).

    We'd hate to see your computer compromised. Here at Malwarebytes, we pledge to keep you protected and informed about the latest issues. Your peace of mind is our number one priority.

    Sincerely,
    The Malwarebytes Team

    P.S. Learn more about this threat

    Adobe has just released a for the infamous Flash Player to fix a vulnerability actively by some exploit kits. This vulnerability was actually a zero-day (CVE-2016-1019) but exploit kit authors botched its integration which resulted in only affecting older versions of Flash.

    Another saving grace was the fact that a “mitigation introduced in Flash Player 21.0.0.182 currently prevents exploitation of this vulnerability, protecting users running Flash Player 21.0.0.182 and later“.
    Nonetheless, since this could be tweaked and made functional to work on fully patched versions as well, Adobe went on to fix the bug.
    The Magnitude EK which has been very active as of late was in fact using CVE-2016-1019 for some time. As we reported earlier this month, several (still) active malvertising campaigns are pushing Magnitude with a little tweak, including a right before the landing page.
    Last edited by Tiny; 09-04-16 at 10:57 AM.
    Cheers, Tiny
    "You can lead a person to knowledge, but you can't make them think? If you're not part of the solution, you're part of the problem.
    The information is out there; you just have to let it in."

  2. The Following 9 Users Say Thank You to Tiny For This Useful Post:

    Al Bundy (09-04-16),cmangle (09-04-16),efab (09-04-16),gordon_s1942 (09-04-16),ol' boy (09-04-16),Philquad (09-04-16),shred (09-04-16),tristen (09-04-16),Uncle Fester (09-04-16)



Look Here ->
  • #2
    Crazy Diamond
    Tiny's Avatar
    Join Date
    Dec 2010
    Location
    Tasmania
    Age
    64
    Posts
    6,391
    Thanks
    10,996
    Thanked 5,436 Times in 2,651 Posts
    Rep Power
    2156
    Reputation
    89057

    Default

    Adobe Security Advisory




    Security Advisory for Adobe Flash Player

    Release date: April 5, 2016
    Last updated: April 6, 2016
    Vulnerability identifier: APSA16-01
    CVE number: CVE-2016-1019
    Platforms: Windows, Macintosh, Linux and Chrome OS


    Summary

    A critical vulnerability (CVE-2016-1019) exists in Adobe Flash Player 21.0.0.197 and earlier versions for Windows, Macintosh, Linux, and Chrome OS. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system.
    Adobe is aware of reports that CVE-2016-1019 is being actively exploited on systems running Windows 10 and earlier with Flash Player version 20.0.0.306 and earlier. A mitigation introduced in Flash Player 21.0.0.182 currently prevents exploitation of this vulnerability, protecting users running Flash Player 21.0.0.182 and later.
    Adobe is planning to provide a security update to address this vulnerability as early as April 7. For the latest information, users may monitor the .


    Mitigations

    A mitigation introduced in Flash Player 21.0.0.182 currently prevents exploitation of this vulnerability, protecting users running Flash Player 21.0.0.182 and later. Adobe recommends users of Adobe Flash Player, who have not already done so, immediately update to the current version of Flash Player via the update mechanism within the product or by visiting the . If you use multiple browsers, install the update in each browser you have installed on your system.

    To verify the version of Adobe Flash Player installed on your system, access the , or right-click on content running in Flash Player and select "About Adobe (or Macromedia) Flash Player" from the menu. If you use multiple browsers, perform the check for each browser you have installed on your system.


    Severity ratings

    Adobe categorizes this as a vulnerability.



    Acknowledgments

    Adobe would like to thank Kafeine (EmergingThreats/Proofpoint) and Genwei Jiang (FireEye, Inc.), as well as Clement Lecigne of Google for reporting CVE-2016-1019 and for working with Adobe to help protect our customers.


    Revisions

    April 6, 2016: Expanded the Windows Operating Systems targeted by the exploit for CVE-2016-1019 to include all versions (Windows 10 and earlier). This advisory previously referenced only Windows 7 and XP.
    Cheers, Tiny
    "You can lead a person to knowledge, but you can't make them think? If you're not part of the solution, you're part of the problem.
    The information is out there; you just have to let it in."

  • The Following User Says Thank You to Tiny For This Useful Post:

    pmbrford (16-05-16)

  • #3
    Premium Member

    Join Date
    Jan 2008
    Posts
    4,311
    Thanks
    5,982
    Thanked 4,171 Times in 1,771 Posts
    Rep Power
    1348
    Reputation
    50392

    Default

    Thanks for the info.

    Mine was up-to-date.

  • #4
    Senior Member

    Join Date
    Dec 2011
    Location
    Tasmania
    Posts
    869
    Thanks
    1,485
    Thanked 956 Times in 416 Posts
    Rep Power
    544
    Reputation
    18321

    Default

    Flash needs to die. It just has to go... and I'll then happily urinate on the grave.

  • The Following 4 Users Say Thank You to shred For This Useful Post:

    Al Bundy (09-04-16),cmangle (09-04-16),Guiseppe (10-04-16),Tiny (09-04-16)

  • #5
    Premium Member
    Al Bundy's Avatar
    Join Date
    Jan 2008
    Location
    Tazzie
    Posts
    4,479
    Thanks
    2,005
    Thanked 5,193 Times in 1,905 Posts
    Rep Power
    2204
    Reputation
    92850

    Default

    Quote Originally Posted by shred View Post
    Flash needs to die. It just has to go... and I'll then happily urinate on the grave.
    F#ck yeah, I hate it.
    Last edited by Al Bundy; 09-04-16 at 01:02 PM.
    Cheers
    Ted (Al)

  • #6
    Senior Member
    Uncle Fester's Avatar
    Join Date
    Jan 2008
    Location
    Commonly found in a pantry or the bottom of a fridge, searching for grains, fermented or distilled
    Posts
    6,405
    Thanks
    2,289
    Thanked 4,414 Times in 2,517 Posts
    Rep Power
    2046
    Reputation
    81778

    Default

    Thanks for the warning. I just disabled it after I got lazy and used it again after many years of abstinence because of a site I needed.
    I wish they would just stop using Flash, bloody ban it from the internet.
    Update: A deletion of features that work well and ain't broke but are deemed outdated in order to add things that are up to date and broken.
    Compatibility: A word soon to be deleted from our dictionaries as it is outdated.
    Humans: Entities that are not only outdated but broken... AI-self-learning-update-error...terminate...terminate...

  • The Following User Says Thank You to Uncle Fester For This Useful Post:

    Al Bundy (09-04-16)

  • #7
    Banned

    Join Date
    Jan 2008
    Location
    Under the Boardwalk AC USA
    Posts
    2,119
    Thanks
    1,471
    Thanked 3,031 Times in 777 Posts
    Rep Power
    0
    Reputation
    54367

    Default

    04/07/16 Adobe Flash Player 21.0.0.213



    Flash Player 21 Windows for Internet Explorer - ActiveX: 21.0.0.213
    Flash Player 21 Windows for Firefox and other Netscape Compatible Browsers - NPAPI: 21.0.0.213
    Flash Player 21 Windows for Opera and Chromium Based Browsers - PPAPI: 21.0.0.213


    Flash Player 21 for Internet Explorer on Windows 8.1 (64-bit machine): 21.0.0.213
    Flash Player 21 for Internet Explorer on Windows 8.1 (32-bit machine): 21.0.0.213

    Flash Player 21 Windows for Internet Explorer and Edge on Windows 10 - ActiveX: 21.0.0.213

    Flash Player 21 Mac for Safari, Firefox and other Netscape Compatible Browsers - NPAPI: 21.0.0.213
    Flash Player 21 Mac for Opera 26 and Chromium Based Browsers - PPAPI: 21.0.0.213

  • The Following 2 Users Say Thank You to cmangle For This Useful Post:

    Al Bundy (09-04-16),Tiny (09-04-16)

  • #8
    Banned
    Join Date
    May 2016
    Location
    Los Angeles, California
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Reputation
    10

    Default

    Thanks for this information. I will share this also.

  • Bookmarks

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •