Dollieh Sanctuary Where no dollieh is left behind.

[victoriavictrix]

In the last few days, Hacking Team, an Italian company that sold commercial malware intended for use by governments and companies for spying, was comprehensively hacked. 400 GB of content from their company was stolen and put on the 'net as a bittorrent.

Among the things revealed in this massive data dump was an extremely severe Flash Player vulnerability that allows remote code execution as the logged-in user. No existing mitigation mechanism prevents this on any Windows OS in play. It affects all major browsers. There is no patch as yet.

And it is now being exploited in the wild by criminal malware - possibly the fastest known weaponization of a vulnerability by criminal malware teams, probably due to the detailed info about how to perform the exploit contained in the Hacking Team data trove.

The exploits involved are "drive-by downloads". If you have Flash content set to auto-play, you do not have to do anything but visit a compromised website. No clicking or downloading or opening attachments is required.

Any website can be compromised. Do not depend on high-profile or well-known sites being safe.
Here is where you can fix the exploit
http://www.pcadvisor.co.uk/how-to/internet/how-stop-autoplaying-ads-videos-media-on-web-pages-3497991/

[WhiteDove01s]

Ouch! Thanks for the warning. Tho it's not so much 'fix' as 'block all flash content for now', which might be a problem on some websites. My primary source of income (and admittedly not much of that) is through online surveys that often require flash! I'll have to see how this affects things, and hope the answer is 'not too badly', because I'm still going to be using a blocker for at least the duration (aka until Adobe fixes the exploit). I already commonly use an ad-blocker except on a handful of fansites who I am willing to allow ads with to provide revenue to the site, but I know it doesn't stop all auto-play stuff.

The flashblocker for Firefox is here if anyone needs the quick link:
https://addons.mozilla.org/En-us/firefo ... developers

I'm going to run MalwareBytes now just to make sure nothing slipped in before I saw this warning.

[Trethowan]

Thank you for sharing this warning.

[Kirahfaye]

Misty, do you mind if I pretty much just cut and paste your warning?

[victoriavictrix]

Misty, do you mind if I pretty much just cut and paste your warning?

Not at all. I got it from another site.

WhiteDove, you've not read the entire FAQ on the site for the flash-blocker. When you do, you will see it doesn't completely block Flash applications. It's a "click-to-play" that stops autoplayer. When you get a flash ad, or anything else that requires Flash to play, you will see a black screen with an italic "f" in the middle. You click on that "f" if you have decided that you trust the source, and it plays just fine.

[Kirahfaye]

Also, that Flashblock is causing me a major headache - it's affecting my posting and typing abilties! It's rendered invisable (or blocked) the | indicator when I type and even removed the Post button on a FB group!

I need to find it and uninstall it!

EDIT - I ended up restoring my PC to yesterday morning before I installed the Flashblock addon and it cleared up the problem. I highly recommend that no one use that addon.

[WhiteDove01s]

It's supposed to play just fine, true... but for some reason it doesn't show the video for me in embedded youtube content (Khan Academy, though the sound played just fine), and it disabled sound on DuoLingo without anything to click on. So it isn't perfect. And with a lot of my surveys, I can't close one to reboot the browser and then come back - you have to finish them all in a go or it's an instant disqualification.

It ended up messing up both my DuoLingo and Khan Academy lessons and I had to disable it for that (you just go back to add-ons in Firefox, click disable, and reboot browser)... And so far none of my surveys have contained video content lately so I'm just going to take a loss on the ones that do, so those seem to be the only two things I have to go in and disable the blocker for. Given the nature of this exploit... I recommend that anyone not disabling Flash in some way for the duration be very VERY careful not to visit any sites that might use auto-running Flash content, which includes... well, a LOT of sites including Facebook and most news sites. Not being able to see a post button is annoying. Getting bad malware that destroys your computer or steals your personal info and results in identity theft is worse.

Another alternative that I've been considering (since my computer is already set up for it in case I need better access or diagnostics) is to find and install Linux Ubuntu to make your computer a dual-boot system (it will ask you at startup which operating system you want to use, and continue to Windows in 10 seconds as a default). Nothing auto-downloads on Linux. Period. And Ubuntu is (IMO) the easiest version for those people used to Windows to adapt to.

Hopefully, this whole mess will be patched soon and we won't have to worry about the issue.

[ShortNCuddlyAm]

Another alternative that I've been considering (since my computer is already set up for it in case I need better access or diagnostics) is to find and install Linux Ubuntu to make your computer a dual-boot system (it will ask you at startup which operating system you want to use, and continue to Windows in 10 seconds as a default). Nothing auto-downloads on Linux. Period. And Ubuntu is (IMO) the easiest version for those people used to Windows to adapt to.

Hopefully, this whole mess will be patched soon and we won't have to worry about the issue.

Personally I'm hoping Flash vanishes off the face of the earth soon

For linux, Mint is also nice (I like the Cinnamon desktop) - I know a few people who prefer it to Ubuntu. Good thing is, they're all free, so you can have a look and decide what you prefer I run it (and Windows) as virtual machines (VMs) from my Mac. The Windows one is primarily for work as our VPN does not play nicely with OS X, and as it's a VM if it does have a problem it's easy enough to get rid of and get back from a good backup.