Olympus-OM
[Top] [All Lists]

Re: [OM] OT: Flash Player updates

Subject: Re: [OM] OT: Flash Player updates
From: Jim Nichols <jhnichols@xxxxxxxxxxxxx>
Date: Sat, 18 Jul 2015 11:10:04 -0500
Chuck,

I have Flash set as you do, Disabled. But in checking this, I find I have a "leftover" from 2014, "Shockwave Flash 15.0.0.223", which is permanently disabled because of its exposure to attack. I can't find a way to remove this.

Have you encountered such a thing, and do you know how to remove it?

Thanks,

Jim Nichols
Tullahoma, TN USA

On 7/18/2015 10:58 AM, Chuck Norcutt wrote:
Flash is always under attack since, just like IE, it's the most common thing out there. The most recent flurry of updates was supposedly caused by the hack of an Italian security firm which had found these Flash vulnerabilities and kept them to themselves under (insecure) lock and key.

In response to Brian, I doubt that Firefox is the cause of his problems. I don't think that going back to IE is a solution. At least with Firefox you can install but disable Flash or set it so that you'll be queried if you want to allow it to run. That's what I do. About 90% of the time allowing Flash to run is only allowing advertising videos to run. It's usually not required for the content you're interested in. But, if it is, you can allow it on a case by case basis or for a domain as a whole.

Google supports Flash in Chrome but it's embedded in Chrome and not via a plug-in or add-on. That means that when Flash needs to be updated your fix comes in the way of an update to Chrome. Google claimed that the way they have Flash embedded means that Flash stays behind a security sandbox. But these last breaches were supposedly able to figure their way out of the Google sandbox.

I prefer the Firefox solution. Most of the time I don't allow it to run at all but, if I'm really interested in something at what I consider a fairly secure site I will allow it.

Chuck Norcutt


On 7/18/2015 4:12 AM, ChrisB wrote:
Thanks, Ian.

That site looked a little obscure to the layman, whereas this site:

http://www.welivesecurity.com/2015/07/09/adobe-rushes-patch-flash-flaw-attack/

puts it in simple terms :-)

Chris

On 18 Jul 15, at 09:05, Ian Manners <void@xxxxxxxxxx> wrote:

Has anyone else noticed the increased frequency of Flash updates?

Havent used flash for years

But does it mean that Flash is under attack?

<http://www.cvedetails.com/vulnerability-list/vendor_id-53/product_id-6761/A
dobe-Flash-Player.html>

Cheers
Ian Manners
Of nowhere in particular.
--
_________________________________________________________________
Options: http://lists.thomasclausen.net/mailman/listinfo/olympus
Archives: http://lists.thomasclausen.net/mailman/private/olympus/
Themed Olympus Photo Exhibition: http://www.tope.nl/



--
_________________________________________________________________
Options: http://lists.thomasclausen.net/mailman/listinfo/olympus
Archives: http://lists.thomasclausen.net/mailman/private/olympus/
Themed Olympus Photo Exhibition: http://www.tope.nl/

<Prev in Thread] Current Thread [Next in Thread>
Sponsored by Tako
Impressum | Datenschutz