Flash Player users may be vulnerable to new attacks

This week, experts have warned that users who haven’t updated their Flash Player with the fixes released in October may be vulnerable to new attacks using a commercial exploit kit called Fiesta.

Adobe has already issued a fix in the Flash Player updates for this vulnerability, which is being tracked as CVE-2014-0569 in the Common Vulnerabilities and Exposures (CVE) database.

Users who have not yet installed the latest Flash Player updates are being urged to do so as soon as possible. Companies that don’t deploy automatic updates, and where patching takes longer, should also take immediate measures to update their Flash Player with the new fixes.

While not as severe as the Heartbleed and the Shellshock vulnerabilities, the Fiesta exploit kit is another reminder about the persistent threat posed by cyber attacks.

Companies are advised that they need to patch and test their networks’ systems regularly. The following fixed-price CREST-accredited testing services can be deployed by any company looking for better protection:

 3184  4452  4451  3185
Infrastructure (Network) Penetration Test – Level 1
Combined Infrastructure and Web Application Penetration Test – Level 1
Employee Phishing Vulnerability Assessment
Web Application Penetration Test – Level 1