Unless you run Google Chrome or Internet Explorer 11 (as they automatically update Flash), you need to immediately update Adobe Flash to stop a specific threat that was documented by Adobe. In short, the threat allows someone to craft a SWF file that could steal users’ log-on credentials to services on the Web, including Twitter, eBay, Instagram and Tumblr. Now, this isn’t just theory. A Google Security Engineer named Michele Spagnuolo released an exploit-crafting tool as a proof of concept that allows one to easily create SWF files that do this sort of evil. Now he did alert his employer and Adobe privately along with giving a heads up to Twitter, eBay, Instagram and Tumblr before releasing the tool. Thus they’ve all fixed this. But you need to do your part and download this Flash update to keep yourself safe because you can bet that someone is going to (if they haven’t already done so) take what this Google employee did and turn it into something very, very bad.
This begs the question: Seeing as there’s been two other emergency Flash updates this year, one has to conclude that Flash is not all that secure. Thus is it not time that Adobe has to step up its game in terms of security? Or conversely computer users have to start considering how to wean themselves off of Flash to ensure that they are safe when surfing the net?
Related
This entry was posted on July 9, 2014 at 8:50 am and is filed under Commentary with tags Adobe, Security. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Here We Go Again: You Should Update Flash NOW To Stop An Active Threat
Unless you run Google Chrome or Internet Explorer 11 (as they automatically update Flash), you need to immediately update Adobe Flash to stop a specific threat that was documented by Adobe. In short, the threat allows someone to craft a SWF file that could steal users’ log-on credentials to services on the Web, including Twitter, eBay, Instagram and Tumblr. Now, this isn’t just theory. A Google Security Engineer named Michele Spagnuolo released an exploit-crafting tool as a proof of concept that allows one to easily create SWF files that do this sort of evil. Now he did alert his employer and Adobe privately along with giving a heads up to Twitter, eBay, Instagram and Tumblr before releasing the tool. Thus they’ve all fixed this. But you need to do your part and download this Flash update to keep yourself safe because you can bet that someone is going to (if they haven’t already done so) take what this Google employee did and turn it into something very, very bad.
This begs the question: Seeing as there’s been two other emergency Flash updates this year, one has to conclude that Flash is not all that secure. Thus is it not time that Adobe has to step up its game in terms of security? Or conversely computer users have to start considering how to wean themselves off of Flash to ensure that they are safe when surfing the net?
Share this:
Like this:
Related
This entry was posted on July 9, 2014 at 8:50 am and is filed under Commentary with tags Adobe, Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.