What is Flash? Well most likely you have it on your computer and enabled in your browser.
It used to be essential to view YouTube videos, but now with the rise of HTML5, it’s really is useless, unless you would possibly miss animated advertising and pretty much allow hackers to infect your computer on a whim.
Now this latest exploit happened via Yahoo’s ad network as reported by the NYTIMES:
For seven days, hackers used Yahoo’s ad network to send malicious bits of code to computers that visit Yahoo’s collection of heavily trafficked websites, the company said on Monday.
The attack, which started on July 28, was the latest in a string that have exploited Internet advertising networks, which are designed to reach millions of people online. It also highlighted growing anxiety over a much-used graphics program called Adobe Flash, which has a history of security issues that have irked developers at Silicon Valley companies.
From IBTimes:
that exploited the company’s ad network for a full week to deliver malware directly to the computers of users who visited the company’s websites, the cyber security firm that discovered the attack said this week. Yahoo did not reveal how many users were affected, but it could be substantial, given that Yahoo gets 6.9 billion visits a month.
For the malware attack, hackers purchased advertisements that ran on Yahoo’s sports, news and finance sites
That’s a big footprint as Net-security elaborates:
“This one is a doozey in terms of scale, because it uses Yahoo’s properties, which see nearly 7 billion visits per month,” commented Kowsik Guruswamy, CTO for Menlo Security.
Basically it came down to distributing exploits and holding computers for ransom or redirect traffic (via consumerist):
Here’s how it worked: A group of hackers bought ads across Yahoo’s network — finance, games, news, etc., as well as Yahoo.com. When a computer visited one of those sites, it would download malware code. At that point, the malware searched around for an out-of-date version of Adobe Flash, which could be used to commandeer the computer and hold it for ransom, or redirect the browser to websites that pay hackers for traffic
This won’t be the last exploit to hit flash as it’s one of those technologies that was built well before the modern era of the web.
Should you disable Flash?
A few weeks ago I disabled Flash on my machine and I haven’t looked back. I only really got to run it a bit before I upgraded to Windows 10 but in that short time I barely noticed a difference. Although the main browsers I use do seem to be quicker and have less hiccups.
So what about you? It depends, if you know beyond a doubt you have tools or sites that you visit that depend on the technology then you might be better off keeping it active (but always ensure you’re updated).
If you’re like me and you realize that much of what you do online will revert to other technology or you can find ways around it then I would consider it.
So how do you disable flash?
You have 3 options broken down by Gizmodo.
Install Flash blocking extensions:
This option is my least favorite as it rely’s on some other tool that is relatively easy for you to do yourself.
That being said here’s Flashblock on Firefox. But there’s FlashControl for Chrome and ClicktoFlash for Safari.
Disable Within Your Browser
This is relatively easy to do and can be done in any major browser.
Chrome:
Firefox
Safari
IE 11
Uninstall Completely
This is the option I chose. Here are links to uninstalling Flash on Mac, and on Windows.
Yes I know this last option drastic but I’d suggest you give it a try. If notice any challenges or a difference when browsing the web you can easily re-install.
These days any little thing you can do to ensure your security helps.
Art and GIFs by Michael Hession
image by (Morton Fox)
