The Adobe Flash plugin as long been the standard for internet video and interactive games. Many sites have used it to distribute video while maintaining some semblance of protection for content. Flash has enabled websites developers to produce beautiful and interactive websites, but that great power is also the problem. Flash can also be used to serve up malware due to its many exploits. Despite Adobe’s constant patching – sometimes weekly – the number of vulnerabilities keeps climbing. HTML5 is the new web standard being used to incorporate video content delivery instead of Flash. Since it is an industry standard instead of a proprietary system, security is placed on the browser and not on plugins.
CVE Details sums up the Flash Player Vulnerabilities:
2015 was a big year for vulnerabilities in Flash. We’re less than three months into 2016 and this year looks like it could be another big year too. If you look at the second graph the tallest line is the Execute Code type. That means that the vulnerability allowed remote code to be run on the victim’s computer. Not all of those were actually actively exploited, but the fact that there have been so many ways to exploit Flash is frightening.
It’s Time to Remove Flash
The consensus among most IT professionals now is that if you haven’t already, it’s time to remove Flash player from your computer. There are several different versions of the Flash player and they all should be removed or disabled. Google Chrome and Microsoft Edge browsers have Flash built into them and so it can’t be removed, but it can be disabled or used selectively. Check out the screenshot tutorial videos below to learn how to uninstall Flash on your computers:
Go to the control panel and then uninstall programs. In the list look for Adobe Flash and uninstall it. That will remove it from all but Chrome and Edge if you are using Windows 10. Also look for
Disable in Edge:
Disable in Chrome
I missed one step in the video. When you first enter the settings screen you have to hit the “show advanced settings” at the bottom.
I personally leave Flash enabled in Chrome but use the “Let me choose when to run plugin content” that allows me to use when needed. By using the Chrome version of Flash I keep Flash as current as possible because it’s automatically updated with Chrome.
On a Mac:
Adobe has a uninstaller that will remove Flash. https://helpx.adobe.com/flash-player/kb/uninstall-flash-player-mac-os.html
If you are using Linux, then I will assume that you know how to remove Flash already. Different distros will handle this differently.
Contact me if you have questions or need assistance: Kent Warden, 913-593-8074.
Most malware doesn’t attack from the back door. Instead it comes right in the front door and creates back doors you don’t even know about. I received three emails today and one a few days later before I finished this blog post, that I am going to share because emails laced with malware is the primary method of gaining access to your computer. Two of the emails are virtually the same email just from a different person. Making mail appear on the surface to have come from someone else is not difficult.
- It comes from someone I don’t know.
- There is no salutation or greeting.
- This one says I filled out my taxes with FreeTaxUSA. I have never heard of them and I certainly didn’t send them any tax info.
- The items listed say Louisiana State Tax Return. I don’t live in Louisiana and certainly wouldn’t be filing a return there.
- The checking account listed is not mine.
- Finally the clincher for this one is the attached file in zip format.
Zip files are common around the internet as they are a container file with other files contained within. The problem with zip files from unknown sources is that they can be used to transport malware past email filters. Most email systems won’t allow you to send an .exe file (executable windows file). So by placing an .exe or other file that can contains malicious code in the zip file they are bypassing some email filtering. If you don’t know who sent the file, don’t open the zip file! The other thing this email is trying to do is get me concerned that I have been charged for something I didn’t order. Obviously I wouldn’t have ordered a tax return from Louisiana; in fact my taxes were done some time ago. The email looks like I am being charged for something, so naturally curiosity will want to see what it is. If you receive an email similar to this, you must fight the urge to look and just delete it. If you just can’t stand it contact your bank or credit card company and check your statement for any suspicious charges.
The next two emails are similar:
Flags to look for in these two emails:
- Someone I don’t know
- No salutation (This in and of itself wouldn’t necessarily be a flag, but taken with the others I would expect to see my name here.)
- They are vaguely requesting information, then referring to the attached document. These emails are usually sent to thousands of people and the goal is to pique curiosity so you will open the attachment.
- The attachment is a Microsoft word .doc file – yet another route to infiltrate malware into a computer. Microsoft Word is a very powerful program that is capable of scripting. Because of the scripting and other vulnerabilities in Word you shouldn’t open a .doc file from anyone you don’t know. Make sure all your software updates are done promptly to limit the possibility of infection, but understand there are constantly new vulnerabilities that are found – so again, just delete the email without opening any attachments!
The interesting thing about the last two emails is that I looked up the companies and they appear to be legit businesses. So either someone just copied their information for the email or their computers have been compromised.
One final email that is more obvious:
This one is typical of emails generally caught by spam filters. It appears to be written by someone for whom English is not their primary language. It’s vague and leaves a lot of questions. I also like that the email is from Country court, not County court. I am not sure if that’s a federal court or the Supreme Court. 🙂 Again this email has the attached zip file that you should avoid. The email is just supposed to entice you to try to open the attached documents, and that’s when you could get a virus or other malware launched on your system.
If you have had and used an email address for some time, you likely will receive mail like this. Various entities around the internet collect email addresses and then sell the lists. These emails are probably sent to thousands if not millions of addresses. It’s an odds game. If they send out 10,000 emails and they can get 1% of people curious enough to click on the link or zip file, then they have nabbed 100 people or computers. If they do this every day, all year – that’s 36,500 people or computers that they can do whatever they want since the person opened the document and let the bad guys in. There are enough back doors in computer systems to guard against without letting someone walk through the front door.
If you have accidentally opened an attachment that has caused a virus, please contact me for clean-up services.
What is Malware and How do I Avoid It?
Malware: (short for malicious software) is an all encompassing word for undesirable software used to disrupt computer operation, gather sensitive information, or gain illegal access to computer systems. Malware includes computer viruses, ransomware, trojan horses, adware, and other malicious programs.
Computer Virus: The key to a virus is that it attempts to replicate itself. It is a form of malware that “infects” a host computer with any number payloads. The activities vary from harmless political statements to destructive commands that can wipe out data.
Trojan: A Trojan is a non-self replicating program that may do similar things to a virus. The name Trojan is a reference to a wooden horse used to trick the army of Troy. A Trojan typically requires the user to start the program. This is done by appearing to be something it’s not and then when the program is run, its malicious functions begin.
Ransomware: A form of malware, usually a Trojan that in some form blocks access to files on a computer. Demands are given to send money for the key to unlock the computer or files.
Adware: A form of malware that seeks to display advertisements to the user and or gather search history on the user. The simplest adware may just change the default search page in browsers. Typically browser windows will pop up or program windows pop up after you search for something. Add-on browser tool bars often fall into this category.
Being vigilant regarding Malware is the only protection. The route taken to infect a system is often called an attack vector. There are many attack vectors and new ones are being found every day. We all are familiar with software updates. Most of them are not to bring new functionality but to patch vulnerabilities that have been found within the code. When vulnerabilities are found in software they are usually kept quiet until an update can be issued to fix the vulnerability. This is why it’s so important to keep up with software updates. If your computer or device is always connected to the internet, it should be updated ASAP. Computers that are not updated are vulnerable and someone with malicious intent can go phishing with emails or a hacked website to try to catch anyone with a vulnerability. Emails promising free money or pictures of celebrities or warning that you might get an IRS audit all garner a few clicks and if the person who clicks has not updated their software, then they can become infected. With so many pieces of software operating in relative harmony on any given computer there are many opportunities for security holes. This is where anti virus and malware protection programs come in. Having these programs running will act as a shield if the user does encounter a virus or malware. The problem with these is that a threat has to be documented and added to the definition list then sent to the computer running the protection program. Some threats are unknown or it can take a while to get the definition updated so there are always times when a system is vulnerable. For the best protection against malware:
- Do not open emails that promise free money or anything else that sounds too good to be true.
- Do not open zip attachments from anyone unless you verify that they sent you a file.
- Beware of screen saver files either in emails or from less than stellar web sites.
- Be very cautious of any program you download from the internet.
- Keep your browsers updated (Chrome, Firefox, Safari, Opera, IE).
- If you have Java on your computer, be sure to keep it updated.
- Adobe Reader, Flash, and Shockwave should always be kept up to date.
- Email clients should be updated if they are not part of the operating system updates.
- When installing updates or any software be sure to read through the installation screens. Even many good software titles will try to load additional software during an install. Java, and all the free Adobe products try to bring along some other title when you install or update them.
- Using an AdBlock program in your browser can also help block some of the phishing advertisements.
Coming soon more information on why you should be concerned with malware, and why would someone want your information.