Internet users should be warned for new vulnerability in Adobe Flash Player that is actively used to attack computers and for which no patch has been released yet. Visiting a malicious or hacked website can be sufficient to become infected with the malware.
Security researcher Kafeine from the blog Malware Don't Need Coffee discovered the exploit in a version of the Angler Exploit kit. Exploit kits contain exploits that abuse vulnerabilities in popular software. In most cases these are vulnerabilities for which updates are available but which haven't been installed by internet users yet. In this case the vulnerability is a so called "zero-day" for which no update is available. The discovered exploit is able to infect systems running on Windows XP with IE6 till IE9, Windows 7 with IE7 and Windows 8 with IE10 all when having the most recent Flash Player version installed.
Fully patched Windows 8. systems and internet users browsing with Google Chrome aren't vulnerable according to Kafeine. The OS and browser aren't vulnerable because the exploit doesn't target systems running that software. Internet users are advises to disable the Adobe Flash Player temporarily or switch to another browser. Internet Explorers can disable Adobe Flash following these directions. According to Adobe their Flash Player is installed on more than 1 billion computers.
