Though it’s been reported as being on death’s door for well over a year, Adobe Flash is still in wide use on the internet. Just as stubbornly, security problems continue to plague its undying existence, and the latest is already being exploited by an advanced persistent threat group dubbed StarCruft by security firm Kaspersky. Details are sketchy at the moment – Adobe isn’t publicizing any details on the loophole, and it won’t be patched until June 16 at the earliest.
What this means for you:
According to Kaspersky, the exploit is definitely being used to attack what they call “high value” targets – primarily large companies or organizations with data that would be prized either for criminal or political value, but that doesn’t mean anyone can rest easy. The patch from Adobe will most likely solve this particular vulnerability, but you can count on other exploits being discovered, as they always have in the past, and, as always, the fix is entirely dependent on people actually updating their software on a regular basis. Until you can confirm Flash has been patched on your workstation, avoid clicking strange links (as always), and make sure you have updated malware protection in place.