Feel safe with your fully-patched computer? If you use Flash and land on the wrong website, you may get a virus or even a cryptolocker that renders your machine unusable. That’s because a sophisticated “zero-day” exploit stolen from Hacking Team has now been released into the wild. As a reminder, Hacking Team is the infamous outfit that supplies US law enforcement and various governments around the world with digital spying tools. However, the company suffered an embarrassing attack on its own servers, and among the 400GB of data stolen were some nasty tools originally intended for use by agencies like the US Drug Enforcement Agency.
Security experts say attackers have now unleashed those tools on the internet, leaving all computers vulnerable until Adobe patches Flash, which it’s expected to do tomorrow. Malwarebytes called it “one of the fastest documented cases of an immediate weaponization in the wild, possibly thanks to the detailed instructions left by the Hacking Team.” So what can you do about it? Obviously, be careful about which sites you visit, but you may also want to either enable “click-to-play” for the Flash plug-in or disable it completely, as detailed by How-To Geek.
Source: Engadget, Malwarebytes
To protect yourself until Adobe updates flash to prevent the exploit please install this: