Login  |  Register  |  Contact

Flash actively exploited on Windows and Mac; how to contain, not just patch

Adobe just released a Flash update due to active exploitation on both Macs (yes, Macs) and Windows:

Adobe is also aware of reports that CVE-2013-0634 is being exploited in the wild in attacks delivered via malicious Flash (SWF) content hosted on websites that target Flash Player in Firefox or Safari on the Macintosh platform, as well as attacks designed to trick Windows users into opening a Microsoft Word document delivered as an email attachment which contains malicious Flash (SWF) content.

Instead of patching, do the following:

  1. Uninstall Flash from your computer (WIndows, Mac).
  2. Download Google Chrome.
  3. Profit!

Use Chrome’s internal Flash sandbox, so you can uninstall Flash at the OS level. Not perfect, but much better than using Flash through other browsers and having it available on your system for things like those nasty embedded Word attachments.

—Rich

No Related Posts
Previous entry: PCI Guidance on Cloud Computing | | Next entry: Karma is a Bit9h

Comments:

If you like to leave comments, and aren't a spammer, register for the site and email us at info@securosis.com and we'll turn off moderation for your account.

Name:

Email:

Remember my personal information

Notify me of follow-up comments?