Skip navigation

Effective October 28, 2019 Duo Security will be transitioning to Cisco's Privacy Statement. View the Duo Privacy Data Sheet.

Product & Engineering

Prevent Security Breaches Due to Out-of-Date Flash Vulnerabilities

Devices running outdated versions of Flash are susceptible to vulnerabilities and malware like the Cerber or Locky ransomware strains. Even though Adobe issued an emergency patch in April, a user accessing your network with a device that has a Flash plugin more than three months out of date puts your organization at critical risk.

Traditional endpoint solutions require users to install an agent on their devices or to schedule vulnerability scans. Duo offers a much easier approach: our Authentication Prompt inspects all devices as they authenticate into your corporate applications, without the use of an agent.

To prevent users who have devices with out-of-date Flash plugins from accessing corporate resources, you can leverage Duo’s Policy and Controls feature to set rules on a system-wide, per application, or specific group level: Authentication Prompt Policy and Controls Screenshot

When setting the policy, you can choose to block these users and allow an allotted time for them to self-remediate: Authentication Prompt Edit Policy Screenshot

Outdated Flash plugins on user devices can be detrimental to your organization’s security. Duo lets you seamlessly set policies and close the loop on these vulnerabilities. If you haven’t done it already, it takes only a few minutes to protect your organization from ransomware and other growing threats. Get started today.