More bad news for Flash-dependent websites

More bad news for Flash-dependent websites

Recent threat analyses of more than 100 exploit kits and known vulnerabilities found Adobe Flash Player to be the most commonly exploited product.  According to the report by Recorded Future, that software provided eight of the top 10 vulnerabilities used by exploit kits in 2015.

The exploit kits represent malware software or crimeware as a service. Users pay per installation of the malware, and push the exploitations through compromised sites or malicious third-party advertising. When victims load the web page or follow a bad link, the exploit code is launched and possibly downloaded. 

Recorded Future analyzed 108 exploit kits from Jan. 1 to Sept. 30 of this year and found thousands of web references linking Adobe Flash Player vulnerabilities to an exploit kit. Angler was one of the most popular exploit kits, and the analysis of web sources highlighted Angler payloads like Cryptowall, AlphaCrypt, Necurs and Bedep malware.

The security concerns surrounding Flash are not new to government agencies, and influential web players like Amazon, Apple and Google Chrome have already stopped supporting certain Flash features. As GCN previously reported, however, Adobe Flash Player is still required by a surprising number of government web sites.

About the Author

Amanda Ziadeh is a former reporter/producer for GCN.


  • 2020 Government Innovation Awards
    Government Innovation Awards -

    21 Public Sector Innovation award winners

    These projects at the federal, state and local levels show just how transformative government IT can be.

  • Federal 100 Awards
    cheering federal workers

    Nominations for the 2021 Fed 100 are now being accepted

    The deadline for submissions is Dec. 31.

Stay Connected