Enable the “click to play” option in Chrome and Firefox, if you use either of those browsers, to do the same job as ClickToPlugin. In addition, you should use ClickToPlugin in Safari to prevent Shockwave content from loading unless explicitly allowed to. If you decide to reinstall it later, be sure to keep an eye on the news and keep Shockwave updated. I would not recommend reinstalling it, even after Adobe releases an update, but I realize not everyone will do that. If you have Shockwave installed, I strongly recommend uninstalling it immediately. At this time, there are no known attacks involving Shockwave… key word there being “ known.” As a general-purpose attack vector, that makes it less desirable, though it could still be used in targeted attacks by people who know their targets have Shockwave installed. Open Safaris bookmarks, tap on edit, and edit the new bookmark. To do this, do the following: Copy this bit of code: javascript:location.href'googlechrome'+ (4). Few sites require it (I can’t recall ever encountering a site that required Shockwave), so not that many Mac users are likely to have it installed. But you can create a bookmarklet for Safari to open the current page in Chrome. The one saving grace here is the lack of any significant need for Shockwave. (Although conclusive reports were never released, it was believed at that time to be used to infect targeted users with the Crisis, aka Remote Control System DaVinci, malware.) The fact that Shockwave’s Flash component has not been updated during that time may possibly mean that it is also vulnerable to attack, and possibly that it is already being used for such attacks. I won’t be surprised if Apple blocks the current version of Shockwave, as they have done with vulnerable versions of Flash and Java in the past, but don’t wait for that to happen… remove Shockwave today!įlash Player has been updated numerous times since January 2013, and at one point in early 2013 was reported to be in active use in dropping Mac malware on vulnerable machines. Yesterday, Brian Krebs announced a shocking discovery: Adobe Shockwave Player includes an Adobe Flash Player component that has not received any security fixes since January 2013! This is a very serious security failure on Adobe’s part.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |