Huge Adobe Flash security vulnerability revealed after hacking group's documents leaked

The Hacking Team hack, which saw the government-sponsored cyberattack group’s secret documents made public, has shown many of the security holes that it used to break into computers

The hack has already cost British losses of £20m
The hack has already cost British losses of £20m

Adobe Flash, a program that is installed on more than 1 billion computers, has a serious vulnerability that could let anyone take over it.

The huge weakness was revealed as part of documents leaked after a cyberattack on Hacking Team, a government-sponsored spying group, that seems to have been using it to break into computers. There is no patch available to fix the problem — though Adobe has said it will provide one today — and so the safest way to ensure that computers aren’t vulnerable is to delete the application entirely.

“Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system,” according to a statement from Adobe. The problem affects Windows, Mac and Linux computers.

Since the vulnerability has now been detailed in public documents, following the hack, anyone can use it against any computer running the application. Some experts have shown how the vulnerability could be used to take control of computers and run files on them — exposing all of the information stored there as well as potentially making them available for immoral or illegal use.

The flaw comes from a hole in the Flash code that attackers can use to read and write information onto a computer. Once they have done that they can send instructions to the computer, which will then execute it.

Hacking Team described the vulnerability as "the most beautiful Flash bug for the last four years", according to leaked documents.

The organisation, a cybersecurity firm that sells its tools and services to governments, was hacked earlier this week. The leaked files were distributed over the internet — and seemed to indicate that the group had been selling its tools and services to oppressive regimes.

Register for free to continue reading

Registration is a free and easy way to support our truly independent journalism

By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists

Please enter a valid email
Please enter a valid email
Must be at least 6 characters, include an upper and lower case character and a number
Must be at least 6 characters, include an upper and lower case character and a number
Must be at least 6 characters, include an upper and lower case character and a number
Please enter your first name
Special characters aren’t allowed
Please enter a name between 1 and 40 characters
Please enter your last name
Special characters aren’t allowed
Please enter a name between 1 and 40 characters
You must be over 18 years old to register
You must be over 18 years old to register
Opt-out-policy
You can opt-out at any time by signing in to your account to manage your preferences. Each email has a link to unsubscribe.

By clicking ‘Create my account’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Already have an account? sign in

By clicking ‘Register’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Register for free to continue reading

Registration is a free and easy way to support our truly independent journalism

By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists

Already have an account? sign in

By clicking ‘Register’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Join our new commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in