This exploit comes on the heels of the company releasing several patches (69 to be exact) earlier in the week for Flash, Reader, and Acrobat. According to the Adobe Security Bulletin:
Help Protect Your Computer from Flash Exploits
We all know that Flash is going the way of the dinosaur, and the best way to protect your system is to uninstall Adobe Flash completely. Unfortunately, that option might not be realistic for a lot of users. Adobe is aware of a report that an exploit for this vulnerability is being used in limited, targeted attacks. UPDATE: Adobe expects updates to be available as early as October 16. But what you can do is manage when Flash is used by setting up the Click to Play option for it in your browser(s). With it enabled, your browser won’t automatically start rendering potentially malicious Flash content. It put you in control to authorize what is or isn’t displayed. For most browsers, you can find an add-on that will block flash for you, but you can also do it manually. Here’s a look at doing it in the big three.
Google Chrome
In Chrome open Settings and then select Show advanced settings. Scroll down and click Content settings under the Privacy section.
Scroll down to Plug-ins and then check Let me choose when to run plugin content.
Mozilla Firefox
The easiest method is to install the Flashblock add-on. But to do it manually, head to Tools > Add-ons and select Plugins.
Scroll down and find Shockwave Flash and change the option to Ask to Activate.
Internet Explorer
Of course, in IE disabling Flash is the clunkiest…anyway…go to Tools > Manage add-ons.
Then select All add-ons from the dropdown menu under Show.
Next click Remove all sites at the bottom and close out of the settings.
Disabling Flash in IE is kind of an all or nothing deal. When you reach a site with Flash content, you can either allow it to run on the entire site or not.
I should also mention that Adobe Flash Player is included in Microsoft Edge in Windows 10. But it’s much easier to disable. Just head to Settings > Advanced Settings and flip the switch off.
When you get to a site with Flash content in Firefox or Chrome, you’ll see that it has been blocked, similar to the shot below. Then choose if you want to run it or not.
Now you have control when Flash content plays, no matter which browser you’re using.
The Demise of Flash Continues
When it comes to vulnerabilities, Adobe Flash has more security holes than Swiss cheese. Remember when Steve Jobs wrote an open letter about his disdain for Flash? That was back in 2010, and yet it still exists out there. Tech companies are doing their best to take steps to eliminate it, too. Here are just a few examples: Google has officially killed off Flash ads in Chrome. Google AdWords makes it possible to automatically convert ads created with Flash to HTML5, the safe and reliable format that is replacing Flash. There is even an Occupy Flash movement with the goal to end the world of the Flash Player plugin. If uninstalling Flash isn’t a viable option for your situation, enabling the Click to Play feature in your browser is your best bet. And, of course, always make sure you have the most updated version at all times. After implementing this, you’ll be surprised how much Flash is still out there. A lot of prominent sites you’d think had done away with it, but it’s still around. Comment Name * Email *
Δ Save my name and email and send me emails as new comments are made to this post.