Just say NO to Adobe Flash Player -- emergency patch vs. Cerber ransomware

Adobe Systems’ Flash Player software is vulnerable (again). Ransomware is exploiting it. So patch now—or just uninstall it already!

Adobe Systems Adobe Flash Player ransomware
J.D. Hancock (cc:by)

Flash Player gets another emergency patch—this time, Adobe Systems is warning of a ransomware attack, exploiting a bug in the beleaguered software. So should you install the patch, or just uninstall Flash Player? What do you think…

The ransomware, known as Cerber, has an unusual schtick: it talks to you. “Attention,” it slurs. “Your documents, photos, databases, and other important files have been encrypted.”

In IT Blogwatch, bloggers test their backups and uninstall Flash. Your humble blogwatcher curated these bloggy bits for your entertainment.

What’s the craic? Jim Finkle reports—Adobe issues emergency update:

Researchers discovered a security flaw...being exploited to deliver ransomware...in "drive-by" attacks that infect computers...when tainted websites are visited. ... Trend Micro Inc...warned Adobe that it had seen attackers exploiting the flaw [with] 'Cerber'.

Ransomware schemes have boomed in recent months. ... FireEye said that the bug was being leveraged [by] the Magnitude...automated tool sold on underground forums.

Here we go again. Abigail Tracy says it's In Response To Zero-Day Exploit:

Another day, another Adobe Flash vulnerability. ... Proofpoint first identified the severe vulnerability...now known as CVE-2016-1019.

The exploit was calling an...undocumented API in Flash. ... Primarily spreading Cerber ransomware [and] Locky ransomware. [Proofpoint] is pretty certain it is the same group [that was] spreading Cryptowall and Teslacrypt malware over the last few months.

If you can, uninstall Flash [Player] and use Flash in a contained environment like...Chrome’s sandbox.

Let's hear from Trend. Rhena Inocencio, Ruby Santos and Joseph C. Chen speak—Crypto-ransomware that Speaks:

No other Crypto-ransomware...has a ‘voice’ capability to...move users into action. ... This innovative technique is reminiscent...of REVETON [which] can also ‘speak’.

Some reports mentioned that CERBER is being peddled...as ransomware-as-service (RaaS). ... We will be seeing more of CERBER in the near future.

[Do not] succumb and pay the ransom. ... Cybercriminals may potentially target the same users.

LOL, unless you're a hospital with no backups, eh? Kelly Fiveash gives good advice—Adobe patches Flash ransomware flaw:

Adobe claimed that the...exploits were only targeting Windows 10 users. [But] it would be wise...to update the software.

Wise, yes. Zach Epstein helpfully links to all the manual downloads, warning that you need to update immediately:

Stop us if you’ve heard this one before… dozens of times. ... This isn’t some tiny bug...handled privately with Adobe.

All desktop versions of Adobe Flash player are affected. ... You can use the update mechanism...or you’ll find...alternative options here.

You have been reading IT Blogwatch by Richi Jennings, who curates the best bloggy bits, finest forums, and weirdest websites… so you don’t have to. Catch the key commentary from around the Web every morning. Hatemail may be directed to @RiCHi or itbw@richi.uk.
Opinions expressed may not represent those of Computerworld. Ask your doctor before reading. Your mileage may vary. E&OE.

Copyright © 2016 IDG Communications, Inc.

Shop Tech Products at Amazon