World's worst exploit kit now targeting point-of-sale systems

Dan Paul

They don't. Flash is simply a point of entry to the overall network. So a "Luser" clicks on an infected Flash file (How many Russian language emails with .zip attachments can you get before you figure something is up?), is on the same network as the POS systems and the exploit works its way through to the POS equipment.

The real issue is why is there a reason to have the POS directly connected to a network that is facing the Internet. It should be on its own segregated network. In fact, I wouldn't trust a VPN or use a subnet.

Just take them off the regular network entirely. The vendor who manages the POS should be required to come to the site and download any consumption data rather than using the Internet.

