Dealing with Flash Vulnerabilities


Dealing with Flash Vulnerabilities

At this point, there are not many viable alternatives to Flash. However, the security concerns associated with Flash have become so serious and prevalent – that we decided it was important to share the warnings being issued across the industry – so members of our community can be better informed. Should you prefer to keep Flash, we strongly encourage you to make sure the application is always up to date.

Great information from Tom’s Hardware for those looking for the best way to cope with the seemingly never ending list of Flash security vulnerabilities.

(UPDATE: As of the morning of July 14, both the Mozilla Firefox and Google Chrome browsers blocked Flash from running automatically. Users could still choose to run individual instances of Flash.)

(UPDATE: Adobe patched the two latest flaws July 14, according to the company’s latest security bulletin. As of this writing, both Chrome and Firefox were still blocking Flash from automatically running. Firefox and Microsoft Internet Explorer users can manually update here; be sure to uncheck the “optional offers” to avoid potentially unwanted programs being installed along with the Flash update. Chrome should automatically update itself later today.)

The previously unknown flaws were in files stolen from Hacking Team, an Italian company that sells digital surveillance tools to governments worldwide, and posted online July 5. In an advisory posted Friday, Adobe said it “expects” to provide patches for the vulnerabilities “during the week of July 12, 2015.”

Even after these flaws are patched, Adobe Flash Player will still be a huge security risk. Alex Stamos, head of security at Facebook, yesterday urged that “Adobe … announce the end-of-life date for Flash,” adding that browsers should disable Flash at the same time.

To heed Stamos’ advice, you may want to leave Flash permanently disabled, although you won’t be able to view many animations and, well, animated ads. A less drastic solution is to set Flash to “click to run”; any Flash animation that wants to run will need your permission first.–http://www.tomsguide.com/us/disable-flash-how-to,news-21335.html


How to Disable Flash
http://www.tomsguide.com/us/disable-flash-how-to,news-21335.html

Two critical flaws in Adobe Flash Player were found this past Friday (July 10), and Adobe can promise only that it will patch the vulnerabilities sometime this week. Until then, it’s best to disable Flash Player in all desktop Web browsers.

How to Set Adobe Flash Player to Click-to-Run http://www.tomsguide.com/us/flash-click-to-run-how-to,news-20422.html

To maximize your Web security and defeat the seemingly endless supply of malware that exploits the innumerable flaws in Flash Player, you should change your browser settings so that Flash Player plays only the content that you select by clicking on it.

This way, you’ll still be able to watch YouTube videos in older browsers (newer ones use HTML5), but you won’t be bothered by annoying animated ads or infected by malicious websites and ads

171 total views, 1 views today

(Visited 41 times, 1 visits today)

2 thoughts on “Dealing with Flash Vulnerabilities

  1. As you say in the article “At this point, there are not many viable alternatives to Flash”, and add to that, Java as well.
    Today I tried to count the number of times I saw something on my monitor that needed either java or flash to run so I could actually see what I was trying to look at.
    I lost count at around 100. If I’m searching websites to purchase items, reading my emails (including advertising that I actually want to see) or checking company sites that run animated graphs, charts & the like, I have no choice but to use the 2 afore mentioned sw’s.
    For example over this past weekend the BOM.gov.au has not been running the active overlay that shows the rain on their weather radar maps. Obviously there was a glitch in the updating of their java. When I ‘inspected the element’, it was the first line of java script that was highlighted, meaning that’s where the problem lay. I really needed to see where the rain showers were & where they were heading to, this past weekend. But the whole of Australia was not being shown the tracks of rain on the weather bureau radar maps.
    Apart from slightly inconveniencing me, imagine if no-one could see those rains maps anymore?
    I also reflect on the number of security patches that come through from Microsoft on a daily basis. There’s always something wanting to update due to “a vulnerability”. Same same! Yet I don’t see people telling everyone to ditch MS! (other than Mac people! lol)

  2. The only thing that stopped me from purchasing your product this time last year is the same this year; no tech support by phone. Trying to solve an issue by email just ain’t cutting it with me. Presently I have Norton 360, which I have had for the past 10 years or so. It is very capable at what it’s designed to do.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.