3 Replies Latest reply: May 26, 2012 1:41 AM by X423424X
Tres Ds Level 1 Level 1 (0 points)

I keep getting messages asking if I want to download the newest version of Flash. Isn't that the application that was identified as being Malware recently?

MacBook, Mac OS X (10.7.4)
  • Kappy Level 10 Level 10 (260,215 points)

    No. Flash is a browser plug-in to enable seeing Flash content on the web. The malware was called Flashback.


    Helpful Links Regarding Flashback Trojan


    A link to a great User Tip about the trojan: Flashback Trojan User Tip

    A related link in the tip to a checker: Malware Checker Dowload Link


    A Google search can reveal a variety of alternatives on how the remove the trojan should your computer get infected. This can get you started.


    For now I recommend the User Tip from etressoft to detect and remove:


    Checking for and removing the "Flashback" trojan

    Kaspersky Flashback Trojan Site:Flashback Trojan Detection and Removal


    Also see Apple's article About Flashback malware.

  • MrHoffman Level 6 Level 6 (13,260 points)

    A correctly-patched 10.7.4 system should have the Java vulnerability removed, if you even have Java installed, and one of the security updates should gave detected and removed various of the known versions of the malware that have been around.  (These bits of malware are evolving, but with the Java security hole patched, the primary infection route for the recent mess is closed.  Which means that any existing malware on your system -- if there is any -- is going to have to be latent in your system already and a type that Apple's malware removal hasn't dealt with, or you'll have had to to download and install the malware.)


    Now as for the pop-up...  Ignore any web popups or web-related baggage and anything that you've connected to that then tells you to install an update to your system (that's malware).


    As for your current situation and your current (unspecified) pop-ups, you will want to ensure you do have the current Adobe FlashPlayer version.   Adoble does have a mechanism to update FlashPlayer, if it's installed.  You may be seeing those (legitimate) update notifications.


    All of which means you have a choice...


    If you choose to remove Adobe FlashPlayer entirely (then you'll be absolutely certain you're not vulnerable to FlashPlayer bugs).  Google Chrome contains an integrated version of FlashPlayer, so you can potentially use that browser, even if the base system no longer has FlashPlayer installed.  The Google Chrome updates hopefully fix that version of FlashPlayer, if vulnerabilities are identified in that.


    If you choose not to remove FlashPlayer, then you'll want to use the Adobe System Preferences control panel (What Adobe calls "Local Settings Manager", available with FlashPlayer 10.3 and later IIRC) and ensure that FlashPlayer is patched to current, and keep it patched to current.


    If you're not sure what local version of FlashPlayer you're dealing with, go to the Adobe web site, and download the latest bits.

  • X423424X Level 6 Level 6 (14,215 points)

    Tres Ds wrote:


    I keep getting messages asking if I want to download the newest version of Flash. Isn't that the application that was identified as being Malware recently?


    Not the real adobe flash player from the actual adobe download site.  It was fake flash player installers from other sites which installed malware.  That's how the malware got its name, "flashback".  So long as you download from adobe you will be fine.


    Alternatively, if you installed the flash player plugin a Flash Player system preference panel is installed.  If you open that, and click the Advanced tab, you will see a Updates section with two radio buttons to enable or disable automatic update checking.  You must have it enabled which is why you are seeing a message about updating to the latest version.


    As for uninstalling, there is no provision in the preference panel to uninstall the flash player plugin.  It's a simple as removing the plugin and the preference panel but adobe does provide an uninstaller which you can download from their uninstaller web page.   If you don't intend to watch any flash video (e.g., youtube, etc.) there is no reason to keep it installed otherwise keep it up to date.