In a recent move, many browsers have permanently disabled Adobe Flash Player in the favour of HTML 5. This has happened for good, as the researchers have found the Flash Player to be putting computers world over at risk due to its vulnerabilities. The research by RecordFuture says that the cybercriminals still look for security flaws in the Flash Player for targeting computers.
The research says that out of the top 10 vulnerabilities used by the exploit kits, 6 had impacted Adobe Flash Flash Player. And each security flaw was being targeted by at least 7 exploits. This is said to be the highest penetration level among the analysed vulnerabilities by the researchers. The flash Player security flaws were being used by Angler, Magnitude, RIG, Neutrino, Nuclear Pack and Spartan.
Besides this, the security flaw CVE-2016-0189, found in Internet Explorer, was also one of the most exploited vulnerabilities by the cyber criminals. The vulnerability found in the Internet Explorer was also used by a number of exploit kits that include Magnitude, Neutrino, RIG and Sundown. While Adobe and Microsoft’s products were easy targets, MacOS and Linux weren’t left either.
CVE-2015-7645 impacted the Mac and Linux running devices, besides the Windows ones. The vulnerabilities can be used by the exploit kits to take complete control of the affected system. The researchers said that among the users of this vulnerabilities was the Pawn Storm (APT28, Fancy Bar), an espionage group backed y the Government of Russia.
It was suggested by the researchers to switch to Google Chrome because of Google’s Project Zero, which takes care of the Flash Player’s vulnerabilities. On the other hand, Microsoft says that it offers better security features with its new Edge browser on the Windows 10 OS.