A major gaping hole is found in the popular Adobe Flash Player software used for watching videos online on a global scale. This flaw allows the attackers to take control of user’s system once they visit any malicious website.
Hackers Team which is known to create surveillance software for governmental agencies had stumbled upon this flaw when 400 GB of data was stolen from it over the weekend. Adobe had cleared all the speculations surrounding the emergence of this serious flaw and it had promised to make a fix available to all the users by Wednesday.
All You Need To Know About The Flaw In Flash Player
This serious flaw is present in the Adobe Flash Player 18.0.0.194 and its earlier versions, which were released for all the major OS like Windows, Mac and Linux. Adobe stresses on the fact that this flaw can be used to cause a sudden crash and act as a backdoor for the attackers to take control of affected system.
Hacking Team had described this bug as a fascinating bug, which had come to light in as many as four years of successful running of Flash player. The severity of this flaw is extremely high and some of the hackers are already utilizing it for a long time to create undue nuisance for the users with affected systems. The internal documents also stress on the point that it can be used as a weapon on mass scale to cause considerable loss of information and high-jacking of systems on a larger scale. Until a fix or security update is provided by the Adobe it will be wise to disable the Flash Player completely in the browsers to avoid further damages.
Hacking Teams Cautions Windows Users
The data released by the Hacking Team also reveals about vulnerability in the Adobe font drivers in Windows. The flaw in Flash Player has high severity rate in both 32 and 64 bits versions of Windows OS ranging from the order XP to latest 8.1. Windows computer is at greater risk of losing control to the hackers with the presence of this flaw. For successful taking control a hacker will have to rely on other vulnerability of font driver. Microsoft is quick to give heed on this situation and they are actively working on bringing a security fix for its users.
Hackers Are Already Exploiting This Flaw
Hackers Team got a wind of this flaw after a mysterious hacker going by the name PhineasFisher started exploiting this flaw. He had already created immense troubles for many companies being serviced by Hackers Team which includes even some governmental institutions.
The detailed report furnished by Hackers Team states that its RCS surveillance software possess capabilities for monitoring activities on Skype, Gmail, Facebook and Outlook.com along with cryptocurrencies transactions. This can be helpful for companies and its clients in keeping a keen eye upon its employees. However European parliament is seriously debating upon the legitimacy of any such software being used by a governmental organization to snoop upon its citizens.
No comments:
Post a Comment