In 2015 for a period of seven days, Yahoo’s ad network was affected by malicious actors who embedded malware into their ads that were populated on many of the search giant’s pages.  The hackers took advantage of the ad network to distribute their malicious code, which affected individuals who had older versions of Adobe Flash.  The hack would have not been detected if it was not for Malwarebytes security researchers who discovered it.

Once the malware was installed and found an outdated version of Adobe Flash, the computer was held random.  The hackers made all files on the computer such as documents and pictures unreadable until the user paid them a ransom to unlock it.  In other cases the malicious code would continuously take the user to web pages that the hackers were collecting money from. As many as 10 million people were exposed during that period.

We use products like Adobe Flash, Adobe Reader, and Java every day.  These products are continually updated to protect their users, but many people fall short in maintaining these critical updates. Also many people are misled by malicious sites to think they are installing an update for Flash or Java, when they are really installing malware onto their computer.

These three tools are critical for every day computer usage and knowing how to update them is vital to securing your computer.

Updating Adobe Flash

Adobe Flash is a multimedia and software tool used for graphics, animations, online games, internet applications, desktop applications, and more.  Not having it installed is almost not an option.  Having it installed and outdated is a series threat.  To combat this threat, we can easily check and update this software.

Never install Adobe Flash from any site other than Adobe. The link below is a safe link to install Adobe Flash:

https://get.adobe.com/flashplayer/

As you look at this screen, the one thing you must be cautious of is the additional offers.  In the screen below, you can see that McAfee is being offered for free.  Be sure to uncheck these additional offer boxes.  They are not malicious, but if you have antivirus, which we will discuss later, having another antivirus on your system could cause them to fight and render both useless.

With the Optional Offer unchecked, click Install Now.  Adobe will then prompt you to save the download.  Once downloaded, launch the file to begin the installation.

The process to install is simple and fairly self-guided.

Updating Adobe Reader

Just like with Flash, Adobe Reader also has frequent updates.  Now that you understand the installation process for Adobe products this should be a breeze.

A very popular file format is the PDF.  These can be opened and viewed on virtually any system.  To be able to open a PDF file you need to have Adobe Reader installed.  It is important to note that there are other PDF readers, but Adobe Reader is the most common and supported.

Like with Flash, never install it from a site that is NOT Adobe.  The link below is a direct link to Adobe to install or update Adobe Reader:

https://get.adobe.com/reader/

As with Adobe Flash, I strongly recommend you uncheck the Optional Offers.

With the optional offers unchecked, click Install Now. Adobe will then prompt you to save the download.  Once downloaded, launch the file to begin the installation.

Java

Java, used to be the king of being affected by Zero Day attacks.  A Zero Day attack is caused by a hole in the software unknown to the vendor and anti-virus manufacturers.  Sometimes holes are fixed before hackers find them, but more often than not, the vendor becomes aware of the hole on the zero day and hurries to fix it. Recently Flash dethroned Java, but keeping Java updated is still vital for your home security.

In 2015 a CISCO Annual Security report stated, “Cisco Security Research suggests that the decline in Java exploits can be tied partly to the fact that there were no zero-day java exploits disclosed for adversaries to take advantage of in 2014.”

Java is starting to step into the spot light again.   With 193 new security fixes last year, failing to update Java is the second biggest security vulnerability.  Constant patching of Java and Flash will protect against most vulnerabilities.  The decline in Zero Day attacks for Java is a great thing, but keep in mind that consistent updates to Java are vital.

For More Information to Keep Your Business Data Secure, Read Securing Business Data!

Pin It on Pinterest

Share This

Share this post with your friends!

%d bloggers like this: