In an announcement that surprises no one, Adobe has released an update to their Flash Player. Updates to Adobe’s Flash suite seem to come rather frequently, mostly because new vulnerabilities are continually being found. This time, the bug being patched is one that allows someone to take over your computer and hold your data for ransom.
In the statement released by Adobe, they announced that the update addresses “critical vulnerabilities” and is available for Windows, OSX, Linux, and ChromeOS. They stated that they are aware of at least one flaw in Flash Player 126.96.36.1996 that is actively being exploited on Windows systems. It’s unknown if they have discovered any issues with it on other operating systems, but they have gone ahead and patched the flaw on all operating systems, just to be sure.
The specific vulnerability is labeled CVE-2016-1019, and was discovered by three different researchers, including at least one at Google, who made them aware of the issue. The vulnerability is one that appears to allow someone to take over your machine, and hold it ransom, which is an issue that we’ve seen more and more.
Back in February, one California hospital paid roughly $17,000 to have their computers unlocked after a similar exploit was used to hold their files and systems for ransom. While most ransomware attacks do tend to target large companies with a lot of valuable data, it’s still a good idea to keep your software up to date, just in case.