Patch your Flash and be sharp about it!
After a fairly quiet week in the infosec world, not for the first time, Adobe has come to the rescue of this blog as well as their many vulnerable users.
Reporting that attacks against a serious vulnerability in FlashPlayer could lead to your machines being compromised and that these attacks are now being observed in the wild (IRL!), Adobe has released a so called ‘out of band’, or unscheduled patch to fix the issue.
This is clearly a serious issue – to prompt an update outside of the usual patch window, so we would be negligent not to advise you to ensure you install the Flash 18.104.22.168 update as soon as you can.
It is often the case that many organisations struggle to identify patch levels of components to this granularity.
ITC’s Network Admission Control product of choice, ForeScout is really useful at identifying the software installed across your estate and provides excellent reporting in real time. It can even enforce remediation automatically and move stubborn, out of compliance machines to the naughty step until they say sorry and play by the rules.
We love this technology and would love the opportunity to spread the love and tell you all about it in person.
ITC is investigating the attack vector in use and will be creating content for our NetSure360° managed service customers to identify the flash exploit in action.
If you would like to speak to us about NAC, Flash, NetSure360° or for that matter any secure networking issues please contact us on: [email protected] or call 020 7517 3900.