The ever exploited flash player has had yet another hole fixed http://www.bbc.co.uk/news/technology-30948123
Adobe has released an emergency patch for a flaw in its Flash software that was being widely exploited by thieves. The patch stops the flaw being exploited on some versions of Windows, Apple and Linux operating systems.
In addition, it is investigating reports that another previously unknown flaw is being used in a popular cybercrime kit sold online.
The kit is favoured by gangs who use malicious programs that demand a ransom after it encrypts important files. Adobe's Flash player is used on many websites to show video and other multimedia content.
Although the flaw was present on older versions of Flash used on different operating systems, analysis suggests that it was being most widely abused through the Internet Explorer browser on Windows machines.
On these devices it was being used to get round separate security measures introduced by Microsoft that tried to stop malware working out where in a computer's memory it could find useful data.
The other new flaw Adobe is investigating has appeared in the Angler exploit kit that many cyber-thieves have adopted. Security researchers said this flaw was being widely used in booby-trapped adverts to compromise vulnerable computers.
Once the malware lands on a machine it then tries different tactics to help its creators cash in. It can scramble files and demand a ransom; seek out banking details or hijack ads on webpages as people browse.
I have lost count of the number of exploits found in the humble flash player product, it might be a sensible idea if they scrapped it and worked on a more security centric model from the ground up as this sort of drip-drip annoyance must be embarrassing someone by now.
Check if your all good here:http://helpx.adobe.com/flash-player.html