This week, Google’s Threat Analysis Group announced serious vulnerabilities in Adobe Flash and the Windows Operating System. These vulnerabilities, known as “Zero-Day Vulnerabilities" made it possible for a hacking group called Strontium, or Fancy Bear, to hack computers. The operating systems that are affected by this are all versions of Windows from Windows Vista through Windows 10.
Microsoft will release a patch next week to address this issue, but Adobe has already released an update. Please make sure that you have the latest version of Adobe Flash Player. More information on that update here. Since the hackers used the vulnerability in Flash to then gain access through the Windows Operating System, your computer should be protected as long as you have the latest version of Adobe Flash Player.
Some Additional Details
Microsoft and Google have displayed some animosity toward each other over Google’s announcement. Google’s policy was to inform both Adobe and Microsoft of their discovery a week before making the announcement public. That week was enough time for Adobe to create an update to fix the bug, but Microsoft’s task is inarguably more burdensome. A week was not enough time for them to test and deploy patches for all Windows Operating Systems. Microsoft claims that making their vulnerability public before they have released a fix is dangerous for consumers.
Additionally, the hacker group Fancy Bear, blamed for exploiting this vulnerability, has also been linked to the Democratic National Committee data breach, the World Anti-Doping Agency hack, and many other government agency hacks around the world. As hacks like these become more common, it becomes increasingly important to protect yourself online by keeping your software up-to-date, and opening e-mails with caution.
For more information read this post from Microsoft . It does a great job of outlining the issue and providing ways to keep your computer safe.