Skip navigation

How does one know if Flash is legitimate?

1187 Views 6 Replies Latest reply: Feb 9, 2013 1:50 AM by Magnus Lewan RSS
Magnus Lewan Level 4 Level 4 (3,655 points)
Currently Being Moderated
Feb 8, 2013 11:03 AM

This is mainly a paranoid question, but how do I know if a Flash installer is legitimate?

 

When I opened Safari today, I got prompted to update Flash. However, the window prompting the Flash update could have been launched from some open browser tab in Safari or another browser, couldn't it? So when I look at the window that prompts me to upgrade, what could I use as a sign to tell that this is a valid legitimate request to update?

 

As I am paranoid, I cancelled the update process and went to adobe.com and downloaded the update from there. In that way I at least know the origin of the file. However, surely that should not be necessary. Surely there is a way to recognise a legitimate update prompt?

  • Ralph Landry1 Level 7 Level 7 (28,695 points)
    Currently Being Moderated
    Feb 8, 2013 11:06 AM (in response to Magnus Lewan)

    As always, look at the URL and see if it looks right, has misspellings, etc.  Safest is always to do what you did and go to the company's site and download from there.

  • dominic23 Level 6 Level 6 (18,350 points)
    Currently Being Moderated
    Feb 8, 2013 11:07 AM (in response to Magnus Lewan)

    Take it from Apple. That is the only way if not updating from installed Adobe Flash/System Preferences.

     

     

    http://support.apple.com/kb/HT5655

     

     

    Best.

  • Klaus1 Level 8 Level 8 (43,300 points)
    Currently Being Moderated
    Feb 8, 2013 3:25 PM (in response to Magnus Lewan)

    Only EVER download Flash Player from Adobe's own website.

     

    Two bugs, one affecting Apple's Mac platform and another attacking Microsoft's Windows, exploit certain Flash player vulnerabilities to install malware onto users' systems, reports ArsTechnica. While users of other operating systems like Linux have yet to report attacks, Adobe's advisory notes the exploit affects all platforms.

     

    Designated as CVE-2013-0634, the first vulnerability targets the Safari and Firefox Web browsers running on OS X, and is also being used as a trojan to deploy Microsoft Word documents containing malware. For Mac users, the flaw affects Adobe Flash Player version 11.5.502.146 or earlier.

     

    The Adobe Flash patch can be found on the company's website, and users can visit this page to check if their software is the most curent 11.5.502.149 version.

  • Allan Jones Level 7 Level 7 (29,550 points)
    Currently Being Moderated
    Feb 8, 2013 4:58 PM (in response to Magnus Lewan)

    In System Preferences > Flash Player, I turn off Flash Player's ability to check for update:

     

    Screen shot 2013-02-08 at 4.53.08 PM.png

    That way, if any pop-ups say Flash needs updating, I know they are bogus.

     

    I manually check for updates about once a week.

     

    NOTE: Even with manual updating, the brain-dead Flash installer resets your Prefs to "Allow Adobe to install updates (recommended)." After every manual update, remember to desecelt that option in System Preferences.

Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.