Chuck,
I have Flash set as you do, Disabled. But in checking this, I find I
have a "leftover" from 2014, "Shockwave Flash 15.0.0.223", which is
permanently disabled because of its exposure to attack. I can't find a
way to remove this.
Have you encountered such a thing, and do you know how to remove it?
Thanks,
Jim Nichols
Tullahoma, TN USA
On 7/18/2015 10:58 AM, Chuck Norcutt wrote:
Flash is always under attack since, just like IE, it's the most common
thing out there. The most recent flurry of updates was supposedly
caused by the hack of an Italian security firm which had found these
Flash vulnerabilities and kept them to themselves under (insecure)
lock and key.
In response to Brian, I doubt that Firefox is the cause of his
problems. I don't think that going back to IE is a solution. At least
with Firefox you can install but disable Flash or set it so that
you'll be queried if you want to allow it to run. That's what I do.
About 90% of the time allowing Flash to run is only allowing
advertising videos to run. It's usually not required for the content
you're interested in. But, if it is, you can allow it on a case by
case basis or for a domain as a whole.
Google supports Flash in Chrome but it's embedded in Chrome and not
via a plug-in or add-on. That means that when Flash needs to be
updated your fix comes in the way of an update to Chrome. Google
claimed that the way they have Flash embedded means that Flash stays
behind a security sandbox. But these last breaches were supposedly
able to figure their way out of the Google sandbox.
I prefer the Firefox solution. Most of the time I don't allow it to
run at all but, if I'm really interested in something at what I
consider a fairly secure site I will allow it.
Chuck Norcutt
On 7/18/2015 4:12 AM, ChrisB wrote:
Thanks, Ian.
That site looked a little obscure to the layman, whereas this site:
http://www.welivesecurity.com/2015/07/09/adobe-rushes-patch-flash-flaw-attack/
puts it in simple terms :-)
Chris
On 18 Jul 15, at 09:05, Ian Manners <void@xxxxxxxxxx> wrote:
Has anyone else noticed the increased frequency of Flash updates?
Havent used flash for years
But does it mean that Flash is under attack?
<http://www.cvedetails.com/vulnerability-list/vendor_id-53/product_id-6761/A
dobe-Flash-Player.html>
Cheers
Ian Manners
Of nowhere in particular.
--
_________________________________________________________________
Options: http://lists.thomasclausen.net/mailman/listinfo/olympus
Archives: http://lists.thomasclausen.net/mailman/private/olympus/
Themed Olympus Photo Exhibition: http://www.tope.nl/
--
_________________________________________________________________
Options: http://lists.thomasclausen.net/mailman/listinfo/olympus
Archives: http://lists.thomasclausen.net/mailman/private/olympus/
Themed Olympus Photo Exhibition: http://www.tope.nl/
|