You might have noticed these days that security threats can’t seem to stop attacking Flash Player users. The most recent attack was identified as BadRabbit, a new strain of ransomware.
The activities of this threat were to infect corporate networks as well as critical infrastructure all over the world. The worst hit were Ukraine and Russia, while minor incidents were reported in Asia-Pacific, particularly Japan and South Korea.
BadRabbit was able to make its way into a system computer via a fake Adobe Flash Player update notice. When the file has been downloaded, the user will then execute the fake file that has admin credentials manually. Thus, there is no automatic execution of the malware will happen.
When the malware has been executed, it will encrypt files on the devices or computers being compromised via a hardcoded list of extensions. For this reason, the user will be held helpless until the demand in Bitcoin will be paid in which the files will be decrypted after.
This type of threat would be avoided if users will be responsible enough to update the Adobe Flash Player plug-in. In fact, there were several patches released by Adobe to address security issues. One of them is patch KB4049179, compatible with several Windows versions, including the Fall Creators Update version of Windows 10.
The versions supported by this patch include Windows Server 2012 R2, Windows Server 2016, Windows 10 Versions 1607 and 1703, Windows 8.1, and Windows RT 8.1. One of the most notable fixes of this patch was the issue wherein the audio didn’t switch to headset mode when playing Flash content on Microsoft Internet Explorer or Edge.
You should get the KB4049179 via the Windows Update automatically. A standalone package of this update can be downloaded from the Microsoft Update Catalogue.