How Flash is used to destroy your computer

Privacy newsTips & tricks
2 mins
Single switch flipped in a row of circuit breaker switches.

Some of the most common Web viruses are ones that affect your computer by tricking you into clicking on a specific website. In fact, a whole industry exists where hackers simply upload their software and receive a URL, which they then send out to their unsuspecting victims.

As soon as someone opens the compromised link, which is usually as innocuous as a meme or news article, the server detects which operating system and browser the person is using and BAM! The virus then downloads and executes the malware without the user ever clicking on a link!

It happens more often than you think, and it usually occurs through software vulnerabilities in common applications like Adobe Flash.

Flash? More Like Trash!

Researchers at Recorded Future are analyzing malware on the Web and have released explanations of the 10 most common exploits of 2015.

Eight of them use Flash vulnerabilities to infect your computer. Flash is the software commonly known for animations, short videos and annoying ads. Until a few years ago flash animations were popular because they required less bandwidth to run than video, but with most of the world now hooked up to high-speed Internet, flash animations have been replaced first by flash videos and now by html5 videos.

Since January 2015, YouTube videos by default use html5. Facebook also serves its videos in this format, which is not carrying the same security risks for the user.

So with all the vulnerabilities in the Flash software, why keep it installed? Apple’s actually blocked older versions of Flash from running on Apple OS X due to the security flaws, and other companies are beginning to follow suit.

If you’re still not sure about uninstalling Flash, at least make sure you patch the vulnerabilities.

Here’s how:

Always Update Flash!

Yes, Flash updates very, very frequently and the process and pop-ups can be annoying. They aren’t always asking you to update because they hate you, but because they constantly find little security holes that can be used to compromise your computer — security holes that they fix as fast as possible with software updates.

Additionally we recommend you use these easy tools to stay in control of your browsing and only run Flash when you trust the site:

Add a Few Add-ons

Add-ons like the Safari extension ClickToFlash Chrome extension Flashcontrol or the Firefox add-on Flashblock will not load any flash unless you explicitly tell them to. Instead of the flash video they will display a grey box that you have to click for the video to load. Only click that box on sites that you trust!

Deactivate Flash Completely

So maybe you’ve noticed you don’t need flash at all. Here’s how to deactivate it:

  • In Firefox: firefox/tools > addons > plugins and set flash to never activate
  • In Chrome: type chrome://plugins in your browser and set flash do disable
  • In Safari (Mac OS X)> Preferences > Security > Plugins > Set to not allow

If you have multiple browsers installed you many want to deactivate Flash on your primary browser, and only open a site in your secondary browser if you really, really have to.

Most of the time, though, you’ll find the kitten video is not worth the risk.

 

Featured image: HasanEROGLU/ Dollar Photo Club

Lexie is the blog's resident tech expert and gets excited about empowerment through technology, space travel, and pancakes with blueberries.