A zero-day vulnerability has been discovered in Adobe Flash.
While that sounds like an apocalyptic situation, the term ‘zero-day’ simply means a vulnerability in a software program that is unidentified. The developer of the software is newly aware of it and has not had the time to address and patch the vulnerability, making users of the software, well, vulnerable, to the situation.
The first indicators of this news came in a blogpost by Kafeine, a security researcher. He noticed that a vulnerability was being exploited by Angler Exploit Kit, one of many tools sold on the underground market that help criminals commit cybercrime.
While these vulnerabilities crop up from time to time, this one is a big problem as the software affected, Adobe Flash, is very widely used. Kafeine has discovered that the vulnerability affects Internet Explorer and Firefox browser users who have Adobe Flash installed, and may be exploited by cybercriminals to install malware onto their computers. This ranges from viruses and trojan horses to spyware and adware.
The specific browsers affected are:
- Internet Explorer versions 6 through 10
- Windows XP (Internet Explorer versions 6-8)
- Windows 7 (Internet Explorer version 8)
- Windows 8 (Internet Explorer version 10)
- Firefox browser
So what can you do about it? Symantec, a cyber-security company, suggests a simple solution. Go into your browser, and turn off plug-ins or extensions that you don’t use on a regular basis to reduce the vulnerability in your computer. Both IE and Firefox users should also temporarily disable Flash, which may be annoying when you’re used to watching videos on your Facebook News Feed, but should keep you safe until Adobe fixes this problem.
And of course, make sure you have anti-virus software installed — but you should have that already.