New Flash zero-day also targets Mac users

02. February 2015 Security 1

Adobe released a security advisory today. Flash Player versions 16.0.0.296 (current version) and earlier are vulnerable to an exploit that can cause a crash which allows an attacker to take control of the affected system. This vulnerability is already being exploited in the wild and no patch is available at this time.

We recommend disabling Flash Player until this issues has been patched. Here’s how to do this:
Safari: Open the Safari Preferences and go to the “Security” tab. At the bottom where it says “Internet Plug-ins” click the button “Website Settings”. Click on the “Adobe Flash Player” plug-in and you’ll see a list of allowed websites. If any websites show in this list, click on them once and then remove them by using the “-” button. Set the setting “When visiting other websites:” to “Block”.
Firefox: From the menu bar, Tools menu, select “Add-ons”. Click on the Plugins tab in the left column and set “Shockwave Flash” to “Never Activate” (This should be set to “Ask to Activate” by default for enhanced security on any other day).

The best way is to completely uninstall Flash from your system. I have not had Flash installed for a long time and rarely run in to any websites that require it. To remove Flash from your system download the uninstaller here.

Adobe expects to patch this issue later this week but no timeframe was provided.


1 thought on “New Flash zero-day also targets Mac users”

Leave a Reply

Your email address will not be published. Required fields are marked *

*