When it comes to critical updates, Adobe Flash is probably the candidate for receiving the highest number of such updates, Flash is used across the globe to perform all sorts of tasks, whether it be streaming media files or playing games, Flash is a must-have for any modern internet browser.
Security Update for Adobe Flash Player (3135782)
This update patches and removes a vulnerability which could be exploited by a hacker or malicious website to execute code remotely on your computer. The update is available via Windows Update and can be found on your computer by accessing Window Update through the Start Menu.
A frequently asked question would be, how exactly does can an attacker exploit such a vulnerability to access your computer, Microsoft’s answer to that is:
In a web-based attack scenario where the user is using Internet Explorer for the desktop, an attacker could host a specially crafted website that is designed to exploit any of these vulnerabilities through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked “safe for initialization” in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit any of these vulnerabilities. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by clicking a link in an email message or in an Instant Messenger message that takes users to the attacker’s website, or by opening an attachment sent through email.
So how can you protect yourself?
Well now we know how an attacker can use the vulnerability, as for how to protect yourself, it’s qutie simple.
- Avoid clicking links in email addresses from people who you don’t trust, most of these emails are filtered and placed in your spam folder but a few might get through every now and then, it’s better to simply ignore these emails and never open them.
- If your browser gives you a warning about a website being affected by malware or unsafe to view, listen to that warning and don’t visit that website unless you’re absolutely sure it’s safe to.
This vulnerability is for Internet Explorer only, other browsers are known to be much more secure in-general and it’s considered to be a good idea to use Mozilla Firefox or Google Chrome as compared to Internet Explorer. Microsoft has been trying to make ActiveX work but it appears that there’s a critical security vulnerability every so often.
Another way to protect yourself would be to simply not use Flash if you don’t stream media or perform tasks on websites that require Flash to function. Most streaming services are switching over the HTML5 and the same is true for major services like YouTube, if your browser doesn’t support Flash then you have nothing to worry about, you’ll still be able to stream from your favorite channels and enjoy the internet in all its glory.
Doing so however, would require you to disable Flash entirely, the instructions can be found under the “Workarounds” heading on this page.