Hacking Team, a spyware company, was recently compromised, leading to the leaking of 400GB of internal files, emails, and source code that was made available for anyone to download on torrent sites. Some software flaws have been uncovered and leaked, along with some embarrassing communications. Some source code contained within these software vulnerabilities are being exploited by Hacking Team to break into PCs, according to a report by The Register. Users are advised to update your Flash ASAP because at least one of the vulnerabilities is paired with Adobe.
There’ve been two vulnerabilities discovered so far, affecting Adobe’s Flash software and Microsoft’s Windows operation system. Hacking Team suggests that Flash may even have been using this flaw to access people’s machines for some time, calling it “the most beautiful Flash bug for the last four years.” The vulnerability allows attackers to take victim’s machine code from a website. It can be used against browsers such as Chrome, IE, Safari, and Firefox, and it is affecting Linux, Windows, and OS X. Hacking Team seems to have already been using this flaw to install exploit kits to monitor or control PCs. Now that Adobe is aware of the vulnerability, they have issued a patch. If you could move away from using Adobe Flash, then I’d suggest doing so since Flash has had security issues for years.
The other vulnerability affects an Adobe font driver in Windows and allowed attackers to level up their privileges on a machine to administrator level. Researchers say that all 32-bit and 64-bit versions of Windows are being affected, from Windows XP to Windows 8.1. Combining this with the Adobe Flash flaw makes it rather quite easy for your PC to be exploited. A Microsoft spokesperson says that they believe their customers risk is limited, the vulnerability alone couldn’t allow an adversary to take control of a machine. They claim to be working on fixing the flaws, but for now they advise you to update your Adobe Flash.
Content originally published here
