Flash: still a liability or can I install it now?
Hi all
A while ago Flash was being battered for insecurity.
I've not got it installed but now I keep coming up against a website I use for work where I need to listen to recordings and it would b v convenient to listen on both my work laptop and home PC's.
Can I install it safely now? Is it locked down?
Re: Flash: still a liability or can I install it now?
I'd still say that it's a major malware target.
I only have it* installed in one browser, and I have it set for click to play.
* I use Flash ESR, the Extended Support Release, it lacks cutting edge additions (new stuff might mean new bugs) but it is fully updated for any known security issues. Unfortunately, this version is set to be pulled later this year, Adobe cba to continue with it.
Re: Flash: still a liability or can I install it now?
Re: Flash: still a liability or can I install it now?
unreal.
thanks guys..will simply have to take longer and use the work lappy.
Re: Flash: still a liability or can I install it now?
Could always run it in a VM if you're concerned
Re: Flash: still a liability or can I install it now?
Quote:
Originally Posted by
jim
Could always run it in a VM if you're concerned
Not a bad first step, but a compromised VM can easily be used to attack it's host, or other local machines.
The sooner Flash dies, the better.
Re: Flash: still a liability or can I install it now?
Couldn't you use Chrome? It has a version of Flash baked-in, so you aren't installing it from Adobe with all their extra goodness. Probably still a security risk, but I wouldn't say a particularly large one if you disable it via an extension when it's not required.
Re: Flash: still a liability or can I install it now?
Chrome and Firefox allow you to selectively run Flash. For the web-sites you trust, you run the plugin, otherwise it stays disabled.
Re: Flash: still a liability or can I install it now?
I agree with Virtuo: it may be a security risk! You have to be careful with such pop-ups like Javaxversion.com, which intends to drop malicious things onto your browser. Before you install it, you have to make sure it is clean! If you have been annoyed by this fake pop-up, check here.