Threat: Google security experts have reported a critical security flaw in Adobe and Windows products. The Windows flaw is confirmed by Microsoft not to have a patch yet. A flaw without a patch is called a Zero-Day flaw. Microsoft promises one in the monthly release this Tuesday Nov. 8’th. Google says, and Microsoft confirms, that the flaw is currently being exploited by hackers.
Risk: Until the patch is released using an unpatched Windows PC to do anything Internet related: surfing with Internet Explorer, reading email is potentially dangerous.
Real World Scenarios: You can visit a web page or click on a link in an email and a hacker can gain control of your computer.
Mitigation: Here’s what you can do –
Windows 7 – Adobe has released a patch. You can check your version here: http://www.adobe.com/software/flash/about/
We also recommend using and setting Google Chrome or Firefox as your default browser until the patch is released.
Windows 8 and 10 – These version include an unaffected version of flash. Microsoft recommends using the Edge browser for Windows 10 users. You can also use and set Chrome or Firefox as your default browser until the patch is released.
More Info:
Microsoft Post
http://blogs.technet.microsoft.com/mmpc/2016/11/01/our-commitment-to-our-customers-security/
Adobe Post
http://helpx.adobe.com/security/products/flash-player/apsb16-36.html
