Tag Archives | Adobe

Smashing Security #036: Flash? Clunk flush... and hacking security researchers PODCAST

Smashing Security #036: Flash? Clunk flush… and hacking security researchers

A security threat researcher is badly hacked in a revenge attack. Some people want to save Adobe Flash, but is that wise? And a poorly-secured electronic billboard starts displaying offensive images…

All this and much more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.

Cluley 250 thumb

Adobe cockup means you may have two different versions of Flash installed on your PC

Shaun Nichols writing for The Register:

Adobe says a buggy installer is the reason some people have two different versions of Flash Player on their Windows PCs.

The software house told The Register it had to create an additional build of the browser plugin specifically for Microsoft’s Internet Explorer after the version made for other browsers – such as Mozilla’s Firefox and Microsoft’s Edge – wouldn’t install properly for IE.

So, for example, if you have Internet Explorer and Firefox on your machine, you’ll have two slightly different copies of Flash that should be functionally the same.

Quality control? Testing? What’s that then?

I wouldn’t blame you if you feel that this is the straw that broke the camel’s back. Here is how to completely uninstall Adobe Flash from your computer.

Cluley 250 thumb

Here’s the very best advice on what you should do with Adobe Flash

On Tuesday, Adobe released a critical update patching over 50 security holes in its Flash Player plugin.

Security blogger Brian Krebs says it better than me:

It’s bad enough that hackers are constantly finding and exploiting zero-day flaws in Flash Player before Adobe even knows about the bugs.

The bigger issue is that Flash is an extremely powerful program that runs inside the browser, which means users can compromise their computer just by browsing to a hacked or malicious site that targets unpatched Flash flaws.

The smartest option is probably to ditch this insecure program once and for all and significantly increase the security of your system in the process.

That seems pretty reasonable to me.

Here is our guide on how you can update Adobe Flash on your computer or (even better) uninstall it entirely.

If that seems too drastic a step for you take right now, at the very least consider enabling “click to play” to reduce the chances of attackers exploiting Flash as you browse the web.

The full advisory on the Flash security vulnerabilities can be read on Adobe’s website, as can details of the security update they have released for another of their beleaguered products - Adobe Reader.