Main Area and Open Discussion > Living Room
New Adobe Flash Player Security Exploit Reported Today (tuesday may 27)
mouser:
This is a good reason to install a firefox extension that blocks Flash movies unless you specifically whitelist the website. For example: NoScript or FlashBlock.
Exploits target new Adobe Flash bug
Symantec on Tuesday revealed that the latest version of the Adobe Flash Player contains an unpatched vulnerability that is being actively exploited.
--- End quote ---
http://www.scmagazineus.com/Exploits-target-new-Adobe-Flash-bug/article/110585/
housetier:
I have been reluctant in the past to install yet another extension into my browser, but I am now adding flashblock to my list of extensions.
I wonder if I should get rid of the flash plugin altogether...
Grorgy:
Trouble is, if we start disabling or removing all the plugins and so on, we will end up browsing plain text, which may be nostalgic for some and safe, but ohh so dull.
Ehtyar:
My experience with FlashBlock (up until about 6 months ago) was that flash movies would occasionally be loaded prior to FlashBlock disabling them. I believe it is not as deeply integrated into the browser as NoScript is, which is why i switched (plus j/s and xss protection etc), and have not had the same problem since. I would recommend NoScript over FlashBlock both for the additional functionality, and the seemingly tighter protection.
Ehtyar.
f0dder:
Ehtyar: thanks for that word of warning, if it's not been fixed, that basically means FlashBlock is useless.
I never installed NoScript because I don't find flash to be that intrusive, as long as I'm running AdBlockPlus. I did consider it a few times, because I had the nagging feeling that sooner or later, somebody would find a 0day exploit for flash, and we'd be in royal trouble. But out of lazyness (whitlisting, *sigh*) I never did it.
Is the exploit that's now in the wild based on the NULL pointer exploit? Pretty nasty stuff.
Navigation
[0] Message Index
[#] Next page
Go to full version