PDA

View Full Version : Adobe Flash Player : Security Risk!



ricktas
15-07-2015, 6:52am
For those of you using Firefox, you may have seen a pop-up saying Firefox has disabled flash player from a website in the past couple of days.

Recently a HUGE security vulnerability was discovered in Adobe Flash Player. This vulnerability was quickly taken up by the hackers and incorporated into their arsenal of hacking tools. The vulnerability will allow a hacker access to fairly much your entire computer.

Mozilla (the makers of Firefox) took the unprecedented step of blocking Adobe Flash Player from working with their browser, to protect their users. Thus the message you may have seen if you used Firefox in recent days.

At this time, Mozilla and others are recommending that the BEST SOLUTION is to uninstall Adobe Flash Player from your computer completely.

http://www.huffingtonpost.co.uk/2015/07/14/mozilla-blocks-flash-video-software-on-firefox-over-security-fears_n_7793676.html

You can set Flash to run in Firefox if you still want to: https://support.mozilla.org/en-US/kb/set-adobe-flash-click-play-firefox (USE AT OWN RISK)

Even Apple users are being advised to uninstall Flash. AppleInsider’s Shane Cole writes. “Though most exploits are targeted at Windows, Mac users are not invincible.” : http://appleinsider.com/articles/15/07/13/its-time-to-uninstall-adobes-flash-from-your-mac---heres-how

Adobe patched Flash a couple of days ago, but the exploit still exists: https://krebsonsecurity.com/2015/07/third-hacking-team-flash-zero-day-found/

Facebook have asked Adobe to 'retire Flash as soon as possible “Flash has become such an information security nightmare that Facebook’s Chief Security Officer called on Adobe to sunset the platform as soon as possible and ask browser vendors to forcibly kill it off,”

All this is for Info only. What each person decides to do, is their choice. The Ausphotography website has the ability to allow flash based advertising but we have not used it for some years. So if you use Firefox, you should not see the warning message re flash being disabled whilst on AP. Whilst Mozilla have taken the step to block Flash within the Firefox browser, the vulnerability is not just related to Firefox. All use of Flash on a computer, using any browser or application can allow your computer to be open to hacking.

The BEST solution is to uninstall Adobe Flash Player components from your computer(s).

Adobe have been releasing new versions of Flash over the past few days, and no doubt more updates will follow in the next few days. So the issues may be resolved in the near future.

ameerat42
15-07-2015, 9:06am
Ta a LOT for this, Rick. Good Ol' Firefox did indeed block Adobe Flash Player this morning while I was watching the Pluto updates.
Lucky I had this gut idea NOT to "ALLOW" the plugin to run!!!:eek:
I am now heading over to UNINSTALL Adobe (Not So) Flash Player.
Am.

- - - Updated - - -

DONE! Adobe Flash Player has been shown the door!

(You have to close Firefox or browser before it uninstalls.)

landyvlad
15-07-2015, 9:38am
I thought a heap of stuff on the net requires flash player to work?
I'm starting to worry now as I have been using Chrome...

MissionMan
15-07-2015, 11:22am
Never been a fan of flash. It's a resource hog and I can understand why Steve Jobs hated it.

ameerat42
15-07-2015, 1:44pm
I thought a heap of stuff on the net requires flash player to work?
I'm starting to worry now as I have been using Chrome...

I did too. I guess a lot won't work now, but I don't care.:)


Never been a fan of flash. It's a resource hog and I can understand why Steve Jobs hated it.

Is there a name to the alternative implied?

MissionMan
15-07-2015, 2:22pm
The alternative is HTML5. Most of the developers have been moving this way as it's an open standard.

The move to HTML5 was helped by the iPhone's lack of support for flash.

ricktas
15-07-2015, 6:55pm
Apparently an Update to Flash was released today, that resolves all the current known vulnerabilities within it.

Whether you continue to use it, or remove it from your computer(s), is your choice.

ameerat42
16-07-2015, 9:28am
Went looking for some verification from Adobe... A bit of a trail. Finally found:
https://helpx.adobe.com/security/products/flash-player/apsb15-16.html

It's in Adobese, and seems to address some security issue in the section:


Summary

Adobe has released security updates for Adobe Flash Player for Windows, Macintosh and Linux. These updates address critical vulnerabilities that could potentially
allow an attacker to take control of the affected system. Adobe is aware of a report that an exploit targeting CVE-2015-5119 has been publicly published.

Last bit highlighted is good:D

- - - Updated - - -

So far nothing HASN'T worked without it, so... holding off installation.

Cage
26-07-2015, 11:35am
OK, I've uninstalled Flash Player.

Some things I can no longer view so what's the alternative.

http://www.ausphotography.net.au/forum/showthread.php?140860-Where-Do-Eagles-Dare The video can't be viewed. Says a plug-in is needed.

ricktas
26-07-2015, 12:43pm
OK, I've uninstalled Flash Player.

Some things I can no longer view so what's the alternative.

http://www.ausphotography.net.au/forum/showthread.php?140860-Where-Do-Eagles-Dare The video can't be viewed. Says a plug-in is needed.

Flash has been updated an supposedly resolved the issues. However I think Firefox is really pushing sites to being html5 compatible, and thus flash is un-necessary. But it is up to site owners to do so. It may just have a backlash against firefox. I am using Chrome on sites where I come across flash and it being blocked. Chrome plays them just fine, even without Flash installed on my computer.