Adobe Flash vulnerability

[Vephriel]

Just a heads up that everyone should disable Flash in their browsers due to a very recent vulnerability. Spreading this info over here:

Please disable Adobe Flash until further notice. A group of hackers have hacked into the program for it and leaked a vulnerability that lets a malicious program do whatever it wishes to your computer via flash. This is currently ranked as a critical rating by Adobe.

These can mean forcing different sites to appear with flash on it (Screamers or revolting videos) and possibly encrypting your entire HDD.

As of writing this post (July 8th, 2015), the CERT/CC is currently unaware of a practical solution to this problem.

Please, do not open any untrusted flash content. Try to avoid opening flash content in general. I am begging you to share this information. Make your own posts, tell your family and friends, or anyone you know who has a computer. This is for you and your computer’s safety.

Source: Adobe and CERT

To disable on Chrome:

• Type chrome:plugins into the address bar
• Find the Adobe Flash Player
• Click Disable

To disable on Firefox:

• Go to Tools > Add-ons
• Click on the Plugins tab
• Find Shockwave Flash
• Click Never Activate or Ask to Activate

[Lisaara]

Unfortunately, a lot of sites require flash still.

[Wain]

That's a big worry :/

In Firefox I always have Flash set to "Ask To Activate", which is one of the options in the Add-ons preferences (in Firefox anyway). That way you can always choose which sites get to access and load it, and at what times. It's especially good for sites that have run-away levels of Flash advertising (I'm looking at you, Wowhead!). I don't resent sites funding through advertising, but there are limits to what how much intrusive crap I'll put up with

Anyway, setting to to "Ask" may be a decent compromise, as you can control it to only things you really trust.

[Arthur]

Thanks for the warning, I didn't know about this.

[Vephriel]

Good news! It has been fixed as of today. Once you have the update it is safe to turn on again.
Update from Adobe: https://www.adobe.com/support/flashplay ... loads.html
Link to download newest update: https://get.adobe.com/flashplayer/

[Lisaara]

Awesome!

[Anyia]

Aaaand another one... Switch off your flash plugins again folks!

Flash needs to die. The damn thing has had more security holes than Windows itself I reckon (on a per-feature scale at least).

[Arthur]

Oh wow. :< Thanks again for the warning.

[Wain]

It's serious enough that Mozilla has taken the unprecedented step of (temporarily) blocking Flash by default in Firefox...
https://www.facebook.com/Firefox/posts/ ... 5669140022

Apple had the right idea, ban Flash and force the web to update to HTML5. It's old, buggy and very insecure.

[Vephriel]

Oof, yeah thanks for the additional warning. Turned mine off again. :/

[cowmuflage]

Handy that Firefox is doing my work for me haha