Posted By: ITWiser Webmaster - Yorkshire's IT Specialists
Posted By: IT Wiser
Will the Latest Flash Security Problems Bring Its Demise?
Adobe's highly popular Flash product has been getting a lot of bad press lately. Most recently is news of yet another Flash zero day exploit that has made its way across the Internet like a flash mob juiced up on energy drinks. The question is one of will the ongoing security problems lead to the demise of Flash. Some seem to think so.
The zero day exploit we first started hearing about last month is apparently more serious than anyone expected. According to Cisco, there are at least 1800 subdomains across the World Wide Web that have been using the Flash vulnerability to spread the Angler exploit. Most of the sub-domains they detected were set up on the 28th and 29th of January, and concentrated on about four dozen registrant accounts belonging to GoDaddy.
Analysts suspect hackers are using a large number of sub-domains that can be set up, used for short time, and abandoned before detection. It is all part of a sophisticated malvertising campaign that also affected Microsoft's Silverlight plug-in last year. This most recent zero day vulnerability is just the latest in a string of such problems associated with Adobe Flash in recent months.
This begs the question as to why Flash seems to be so vulnerable. It comes down to the archaic nature of the software and the sale of exploit kits on the Internet. Exploit kits are collections of known exploits compiled from official testing and research that are then grouped and sold to hackers. For a small fee, a hacker can purchase a number of kits that can be attached easily to computer code and spread through the Flash web browser plug-in.
The lesson in all of this is two-fold. First, any individual or company using Flash should make sure that the software is routinely updated. Furthermore, updates should be done manually rather than automatically. Second, companies need to regularly run internal and external security audits to make sure their machines and networks are not compromised. IT Wiser can assist you with those audits.
How Audits Help
An external security audit from IT Wiser can help identify any security risks that your network is exposed to as a result of your Internet service provider (ISP). Unfortunately, such security risks are more common than most business owners know. If you do not know they exist, how can you protect yourself from external threats?
As for the internal security audit, it is necessary to protect your network from workers who might be disgruntled or ignorant of how their own actions can negatively affect your systems. An internal audit looks for potential vulnerabilities and threats inside your network, exposing them so that you can develop solutions.
If a company such as Adobe can have problems with a flagship product like Flash, your company can succumb to its own security issues as well. Contact IT Wiser and let us conduct the necessary security audits on your behalf. You cannot afford to risk the security of your network.