http://www.sqlservercentral.com/blogs/brian_kelley/2011/04/22/if-a-web-page-asks-you-to-update-adobe-flash-player/

Printed 2014/10/20 07:04AM

If a web page asks you to update Adobe Flash Player

2011/04/22

You don't want to do so from that web page. Instead you want to go to the Adobe web site directly (www.adobe.com) and get the update from there. Newer versions of Flash should prompt you to update when you reboot your system every time a new version related to a security fix is pushed out. But if you're truly behind on versions, don't trust a web site that's telling you that you're behind. Go to the Adobe site. Why?

Here's why:


Both of these write-ups have something in common: the malicious code is delivered to you in the form of a prompt to update Adobe Flash Player. The prompt is fake, but it works because it relies on your trust. After all:

So given that updating Adobe Flash Player isn't an usual thing and that there are similarities with these fake updates and the real ones, folks trust the fake updates and end up getting infected. In the first case, it's impossible to tell that this prompt didn't come from a legitimate need to update Adobe Flash Player if all you do is look at the prompt. Therefore, the only safe thing to do is to close out the web browser entirely, restart it, go to the Adobe site, and check to see if you need to update Adobe Flash Player there.



Copyright © 2002-2014 Simple Talk Publishing. All Rights Reserved. Privacy Policy. Terms of Use. Report Abuse.