Following the discovery of a critical zero-day vulnerability in Adobe’s Flash Player which is being actively exploited in real-world attacks to infect unsuspecting internet users with malware, experts from Lieberman Software and ESET discuss whether anyone should still be using Flash Player at all.
Jonathan Sander, VP of Product Strategy at Lieberman Software:
“If you’re strictly a business user who uses email, documents, and Web, then you could likely never want or need to install Flash. However, if you play even one game on the web, then you likely use Flash. And if you have a kid that plays lots of games in their web browser, then you likely have a heavy Flash user on your network.
While a Flash vulnerability won’t be a direct path to critical data in most cases, if it allows a bad guy to get a foothold- it can be dangerous. Small issues like malware on your Flash-game-playing child’s machine can turn into major breaches if that machine can be used as a stepping stone to your work laptop if it is connected to your home network, for instance. Of course, this malware can spread once you connect to your corporate network in the office the next day.”
Mark James, Security Specialist at ESET:
“Adobe flash is still found on way too many machines. It’s one of those programs that’s often not actually used as many vendors see it as a huge security problem. The program itself is one of many that users will leave on their machine without actually using it or understanding the security risk. As with all software these days you need to keep them on the latest versions or better still uninstall it if you don’t need it. Having a regular updating Internet security product will help to keep you safe.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.