F-Secure has joined the call the kill Flash, warning businesses of the recent surge in the number of exploits targeting Adobe’s plug-in.
Given the consistent use of Flash vulnerabilities in crimeware, F-Secure is adding its voice to other security researchers.
Flash’s vulnerabilities were thrust into the limelight, after a zero-day exploit used by the Italy-based surveillance company Hacking Team was stolen in a recent attack, resulting in its proliferation in exploits kits used by criminals.
According to F-Secure Labs, detections of Flash exploits from exploit kits increased by 82 per cent in the days following the attack.
“Criminals using exploit kits typically target insecure software that’s widely used and Flash has given them an easy target for at least the past seven or eight months,” said Timo Hirvonen, F-Secure’s senior researcher.
“Newer technologies are available and becoming more popular anyway, so it would really be worth the effort to just speed up the adoption of newer, more secure technologies and stop using Flash completely.”