Java and Flash both vulnerable—again—to new 0-day attacks

Toggle sidebar Toggle sidebar
T

TheRyuu

Diamond Member
Dec 3, 2005
5,479
14
81
Elixer said:
Flash should be disabled by default. :rolleyes:
Click to expand...

Also remember that you shouldn't use "click to play" in Chrome. You should set plugins to "disabled by default" or whatever the wording is. This still allows you to use them but you have to right click them and hit run (or use the icon in the omnibar). This actually acts as a security barrier since click to play can be bypassed and flash stuff can still run.
 
M

MustISO

Lifer
Oct 9, 1999
11,927
12
81
One of these days everyone will wake up and stop using/requiring flash on their sites. Sure the next method of displaying cat videos will be exploited when flash goes away but it's time for it to die or rewrite it from the ground up.
 
S

Spacehead

Lifer
Jun 2, 2002
13,067
9,858
136
I see now that Firefox won't let Flash run without specifically allowing it on a site.
Good for them.
 
John Connor

John Connor

Lifer
Nov 30, 2012
22,757
618
121
Elixer said:
Flash should be disabled by default. :rolleyes:
Click to expand...


I set mine to ask for activation since the Hacking Team BS. Too bad Hulu and other sites can't go HTML5 already. Most people use Chrome or Firefox so there's no reason not to.
 
A

Auric

Diamond Member
Oct 11, 1999
9,591
2
71
I use ESR and Axe to Activate but maintaining it is still a chore. With two releases in ten days already there's yet another vulnerability? D:
 
Murloc

Murloc

Diamond Member
Jun 24, 2008
5,382
65
91
I always browse the same websites anyway, only few of which use flash, so I guess it won't be a problem for me.
 
mikeymikec

mikeymikec

Lifer
May 19, 2011
20,396
15,087
136
I already had version 18...203 on my PC, apparently it was updated on the 9th of July. FF still is warning me about it though.
 
bruceb

bruceb

Diamond Member
Aug 20, 2004
8,874
111
106
Flash updated this morning to: 18.0.0.209 ... Shockwave is now at: 12.1.9.159 .... Java is still showing 8 Update 45 on their site
 
Ketchup

Ketchup

Elite Member
Sep 1, 2002
14,559
248
106
Spacehead said:
No more warning here. Did you restart your browser?
After updating to the latest version it said to restart which is not normally needed.
Click to expand...

I am not sure why it did that on the desktop this morning. No warnings after the update on my laptop. Will look at it later this evening.
 
mikeymikec

mikeymikec

Lifer
May 19, 2011
20,396
15,087
136
Ah, my bad; I thought I had read the version number as 203 as well as mine. Updated, no more warnings.
 
PliotronX

PliotronX

Diamond Member
Oct 17, 1999
8,883
107
106
So Mozilla is taking it upon themselves to timebomb Flash just as Java does itself? I wonder how long it will be before they tire of adjusting the acceptable builds and just block it out completely. Afterall, infections always reflect poorly on the browser and OS but never browsing habits nor paid-for AV :whiste:
 
Elixer

Elixer

Lifer
May 7, 2002
10,371
762
126
Murloc said:
I always browse the same websites anyway, only few of which use flash, so I guess it won't be a problem for me.
Click to expand...

Not true!
They can infect you still, like for example if the advertiser gets hijacked which happen more often than you think...

So, ANY flash based item can screw you big time.
 
John Connor

John Connor

Lifer
Nov 30, 2012
22,757
618
121
ketchup79 said:
After updating I still see the warning in the Plugin Status page of FF.
Click to expand...


That happened to VLC as well and I think it's fixed. Mozilla was blaming VLC and VLC was blaming Mozilla. Also, the plugin check page showed recently that flash was updated, but it wasn't. I wouldn't depend on the plugin check page and the Dev for my main browser Pale Moon took that link out of the plugins page.
 
Ketchup

Ketchup

Elite Member
Sep 1, 2002
14,559
248
106
John Connor said:
That happened to VLC as well and I think it's fixed. Mozilla was blaming VLC and VLC was blaming Mozilla. Also, the plugin check page showed recently that flash was updated, but it wasn't. I wouldn't depend on the plugin check page and the Dev for my main browser Pale Moon took that link out of the plugins page.
Click to expand...

Yes. Got back on the desktop this evening and all is (reporting) well.
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom