The recent hack into spyware company Hacking Team shows a security flaw in Adobe Flash that allows malicious hackers to access other PCs. Two days after spyware company Hacking Team was hacked with their data exposed online, certain source code was detected within the leak that found unpatched security vulnerabilities. These vulnerabilities were the possible ways through which Hacking Team was breaking into PCs.
The vulnerabilities were in Adobe's Flash and Microsoft’s Windows OS. These allowed hackers to execute code on another PC through a website, against Chrome, Internet Explorer, Safari and Firefox browsers, and worked on Windows, OS X and Linux platforms. Hacking Team’s description found within the leak states that this is the “most beautiful” Adobe Flash bug in the last four years, suggesting that it might have used these loopholes to gain access and remotely control other PCs.
A second flaw was found in Adobe font’s driver for 32- and 64-bit versions of Windows, starting from Windows XP to Windows 8.1, that allowed hackers to elevate their status to administrator in other PCs. A statement given to The Verge, by a Microsoft spokesperson, states his belief that the vulnerability was not all-compromising for victims. While Microsoft is working on releasing a patch for the flaw, Adobe has already released an update to cover up for it.