Page 1 of 1
Adobe Flash vulnerability
Posted: Wed Jul 08, 2015 4:35 am
by Vephriel
Just a heads up that everyone should disable Flash in their browsers due to a very recent vulnerability. Spreading this info over here:
Please disable Adobe Flash until further notice. A group of hackers have hacked into the program for it and leaked a vulnerability that lets a malicious program do whatever it wishes to your computer via flash.
This is currently ranked as a critical rating by Adobe.
These can mean forcing different sites to appear with flash on it (Screamers or revolting videos) and possibly encrypting your entire HDD.
As of writing this post (July 8th, 2015), the CERT/CC is currently unaware of a practical solution to this problem.
Please, do not open any untrusted flash content. Try to avoid opening flash content in general. I am begging you to share this information. Make your own posts, tell your family and friends, or anyone you know who has a computer. This is for you and your computer’s safety.
Source:
Adobe and
CERT
To disable on Chrome:
- Type chrome:plugins into the address bar
- Find the Adobe Flash Player
- Click Disable
To disable on Firefox:
- Go to Tools > Add-ons
- Click on the Plugins tab
- Find Shockwave Flash
- Click Never Activate or Ask to Activate
Re: Adobe Flash vulnerability
Posted: Wed Jul 08, 2015 5:21 am
by Lisaara
Unfortunately, a lot of sites require flash still.
Re: Adobe Flash vulnerability
Posted: Wed Jul 08, 2015 10:24 am
by Wain
That's a big worry :/
In Firefox I always have Flash set to "Ask To Activate", which is one of the options in the Add-ons preferences (in Firefox anyway). That way you can always choose which sites get to access and load it, and at what times. It's especially good for sites that have run-away levels of Flash advertising (I'm looking at you, Wowhead!). I don't resent sites funding through advertising, but there are limits to what how much intrusive crap I'll put up with
Anyway, setting to to "Ask" may be a decent compromise, as you can control it to only things you really trust.
Re: Adobe Flash vulnerability
Posted: Wed Jul 08, 2015 11:47 am
by Arthur
Thanks for the warning, I didn't know about this.
Re: Adobe Flash vulnerability
Posted: Wed Jul 08, 2015 3:02 pm
by Vephriel
Good news! It has been fixed as of today.
Once you have the update it is safe to turn on again.
Update from Adobe:
https://www.adobe.com/support/flashplay ... loads.html
Link to download newest update:
https://get.adobe.com/flashplayer/
Re: Adobe Flash vulnerability (Update: fixed)
Posted: Thu Jul 09, 2015 3:40 am
by Lisaara
Awesome!
Re: Adobe Flash vulnerability (Update: fixed)
Posted: Sun Jul 12, 2015 12:18 am
by Anyia
Aaaand
another one... Switch off your flash plugins again folks!
Flash needs to die. The damn thing has had more security holes than Windows itself I reckon (on a per-feature scale at least).
Re: Adobe Flash vulnerability (Update: fixed)
Posted: Sun Jul 12, 2015 12:29 pm
by Arthur
Oh wow. :< Thanks again for the warning.
Re: Adobe Flash vulnerability (Update: fixed)
Posted: Tue Jul 14, 2015 11:22 am
by Wain
It's serious enough that Mozilla has taken the unprecedented step of (temporarily) blocking Flash by default in Firefox...
https://www.facebook.com/Firefox/posts/ ... 5669140022
Apple had the right idea, ban Flash and force the web to update to HTML5. It's old, buggy and very insecure.
Re: Adobe Flash vulnerability
Posted: Tue Jul 14, 2015 2:59 pm
by Vephriel
Oof, yeah thanks for the additional warning. Turned mine off again. :/
Re: Adobe Flash vulnerability
Posted: Tue Jul 14, 2015 7:18 pm
by cowmuflage
Handy that Firefox is doing my work for me haha