In a previous article I outlined how the use of Adobe Flash can increase the opportunities for malicious hackers to compromise your computer.
There are several ways to protect yourself from these types of attacks – enabling Click to Play, for instance, is one of them – ensuring that Flash-based elements only load in your browser on your command.
That’s not all you can do, though.
Let’s start with the first scenario: that you don’t want to completely eradicate Adobe Flash from your computer.
In order to achieve this, you’re going to have to think about your updates. They may be the bane of your digital life, but software updates are crucial to staying afloat online, whatever operating system is installed.
First, let’s take a look at how you can check whether you’re running the latest – and safest – version of Flash.
Checking your Flash version
If you’re unsure about what version of Flash you’re running, or whether you’ve got Flash installed at all, head on over to the Adobe help page.
Click the yellow “Check Now button” and wait a few seconds.
If you’re running the latest version of Flash, you’ll be presented with a brief confirmation. Otherwise, you’ll be provided with an alert instructing you to directly download the latest version.
Google made technology headlines after announcing that the Chrome web browser would contain an automatically updating build of Flash Player. Back in 2010, Paul Betlem (Senior Director of Flash Engineering) attributed this move to creating a “safe experience” for everyone.
If you’re not a Chrome user, or are just wondering how you can stay on top of your Flash updates, keep reading.
The first – and most straightforward – way to ensure you’ve got the latest version of Flash installed: visit the Flash Player download page and install the latest version.
A quick side note: make sure to untick any “special offers” or added extras that might appear!
Otherwise, you can look behind the scenes to the Flash Player Settings. The easiest way to invoke the Settings screen is to right-click on an element of Flash content on a website.
From the context menu that appears, choose “Global Settings.” You should now see the “Flash Player Settings Manager” on your screen. Look for the “Advanced” tab to check your update preferences or force another check for the latest version.
If it’s not already, I’d recommend setting your update preference to “allow Adobe to install updates” on an automatic basis, where any urgent security patches are installed without user intervention. Adobe aims to notify you before installing any non-emergency updates, however.
Allowing Flash to “notify me to install updates” is the only acceptable alternative, where the Flash plugin checks for new versions on a regular basis, prompting you to install any patches. This applies to all types of update, regardless of urgency.
Opting to “never check for updates” means that you’ll only be able to find the latest version of Flash from the Adobe website. Here, you won’t be notified of any vulnerabilities, or the critical updates which patch them.
Although you can disable Flash from running inside the browser you use, I’d recommend a complete uninstallation if you want to rid your computer of it for good. What’s more, simply disabling Flash in your browser might not be enough to protect your computer!
If you use several browsers on Windows, you may have more than a single version of Flash Player installed. It’s easy to remove them all in one fell swoop, though.
First, open the Control Panel. Next, select “Programs and Features” to view your list of installed applications. Here, you’ll see any Flash plug-ins you have installed. In turn, select each of the plugins associated with Adobe Flash Player in turn and click “Uninstall.”
A similar process applies for Mac OS X users. This time, you’ll need to download the appropriate Flash Uninstaller from Adobe.
Locate the downloaded disk image (ending with “.dmg”) and double click on it. A new window should appear; simply double click on the “Adobe Flash Player Uninstaller.app” inside to get started.
You may receive a prompt asking you to confirm whether you’d like to open the application. Click “Open” to bring up the Uninstaller.
After being asked for your username and password, the uninstallation will take place.
You may receive a prompt asking you to confirm whether you’d like to open the application. Click “Open” to bring up the Uninstaller. After being asked for your username and password, the uninstallation will take place.
Uninstallation procedures vary if you’re using a Linux distribution. The most common commands are as follows:
- If you’re using a Chromium-based browser, run this at the command-line:
sudo update-pepperflashplugin-nonfree --uninstall
- If you’re using a Firefox-based browser, run this at the command-line:
sudo apt-get remove flashplugin-installer
- Plugins – yes, they’re handy but they also increase the surface of attack
- How to update Silverlight – or uninstall it completely!
- How to update Java – or uninstall it completely!
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.