Adobe Systems Inc issued an emergency update on Thursday to its widely used Flash software for Internet browsers after researchers discovered a security flaw (CVE-2016-1019) that was being exploited to deliver ransomware to Windows PCs.
The software maker urged the more than 1 billion users of Flash on Windows, Mac, Chrome and Linux computers to update the product as quickly as possible after security researchers said the bug was being exploited in “drive-by” attacks that infect computers with ransomware when tainted websites are visited.
Japanese security software maker Trend Micro Inc said that it had warned Adobe that it had seen attackers exploiting the flaw to infect computers with a type of ransomware known as ‘Cerber’ as early as March 31.
Cerber “has a ‘voice’ tactic that reads aloud the ransom note to create a sense of urgency and stir users to pay,” Trend Micro said on its blog.
Ransomware schemes have boomed in recent months, with increasingly sophisticated techniques and tools used in such operations.