Please disable Flash on your system

[redrider90]

While locking folders will prevent changes to Flash code on your Mac, it will NOT necessarily prevent these exploits from working. Locking the folder prevents changes to the STORED file, not to the code loaded into memory when the executable is activated. The exploits use the Flash code as it is held in memory, take advantage of a flaw, and then use that flaw to allow the loading and running of code of their choice.

Locked files are an excellent concept - they just aren't enough in this case.

I am hardly an IT guy but how does the exploit get past all those locked files? Now if you are saying I am downloading a virus from Adobe when I upgrade (I unlock every folder before I upgrade)  and therefore it is in the locked file I can understand it. But can you explain how the virus gets past the whole Macromedia locked files in order to exploit it?  If you are correct that locking the files is not enough then you not only have to run the  uninstaller  but then go into these two files and put them in trash to completely eliminate all Flash from the hard drive.
<home directory>/Library/Preferences/Macromedia/Flash\ Player
<home directory>/Library/Caches/Adobe/Flash\ Player

[Chuck in Indiana]

I'm certainly not an IT guy either, but he said

Locking the folder prevents changes to the STORED file, not to the code loaded into memory when the executable is activated. The exploits use the Flash code as it is held in memory,

makes sense to me..

[redrider90]

I'm certainly not an IT guy either, but he saidmakes sense to me..

Ah..... thanks I read it too fast. After reading everything on the net right now I might just uninstall the whole thing and disable Java from what I am reading.

[bad Chad]

Really?  Surely the usual internet hysteria at work.  I have disabled not a thing, and all is normal.  But of course I only use Mac, so I am better than those who can only get by with p/c.

[canuguzzi]

While locking folders will prevent changes to Flash code on your Mac, it will NOT necessarily prevent these exploits from working. Locking the folder prevents changes to the STORED file, not to the code loaded into memory when the executable is activated. The exploits use the Flash code as it is held in memory, take advantage of a flaw, and then use that flaw to allow the loading and running of code of their choice.

Locked files are an excellent concept - they just aren't enough in this case.

 :1:

Like locking the front door and leaving the windows open and all the door inside are open too.

[rodekyll]

If the locked folder defense has been anticipated by the virus it simply builds its payload in another folder.  If the file is locked, it can still be copied to another location, altered, and then a path made to the new location -- much the same as you do when you have a picture on a CD you want to edit.  The CD is not writable (same as a locked folder) but the picture can still be tinkered with, saved to another location, and used.

Please folks -- don't let the mythology of Linux and OSx make you complacent.  This is a platform-independent problem.  As long as flash works with your OS you are at risk. 

[Kentktk]

Really?  Surely the usual internet hysteria at work.  I have disabled not a thing, and all is normal.  But of course I only use Mac, so I am better than those who can only get by with p/c.

Same here, all these internet issues are almost a 100% Microsoft/PC user problem. You would think people would get the clue.

[canuguzzi]

Same here, all these internet issues are almost a 100% Microsoft/PC user problem. You would think people would get the clue.

Actually, they are nearly all a user problem. Many of us use the Microsoft OS and PCs and don't have the issues that become hyped all the time.

If using MACs was as secure and trouble free as it is made out to be, Apple would not need to employ "Geniuses" at the cost of many millions of dollars per year to fix them and charge their customers billions more to pay for the privilege of talking to them.

I'd go so far as to say that owning a MG is contrary to idea of owning a MAC if that means it should never break or have a fault and going to a Genuius to get it repaired.

I have never had to talk to a "Genius" to use my PC but there is a line at every Apple store with people needing to do just that. I bet very few of them ride a Guzzi, present company excepted.

[Kentktk]

It`s not hype it`s consistently prevelant. You don`t pay to use a Genius at the Apple store nor during warranty and many times even when off warranty. When you call, their is actually little or no wait or they will call YOU back at a time YOU pick. Apple is not perfect but 1000 times better than Microsh-t. Try getting help on a Microsh-t OS PC without paying for it, if you can even find it.

[canuguzzi]

You didn't pay for that warranty and Apple provides the Genius out of pure philanthropy?  Now who needs to get a clue?

[canuguzzi]

That isn't consistent with owning a Motor Guzzi now is it? Just saying.

[oldbike54]

 You mean Apple isn't a philanthropic not for profit organization ? Damn .

  Dusty

[canuguzzi]

You mean Apple isn't a philanthropic not for profit organization ? Damn .

  Dusty

Was wondering the same about Motor Guzzi...

[canuguzzi]

It all good though, to each his own and at least with a PC you own the thing.

[Kentktk]

You didn't pay for that warranty and Apple provides the Genius out of pure philanthropy?  Now who needs to get a clue?

For the first year no, it`s called providing a service and it`s good.  Something Microsh-t doesn`t understand, unless providing free patch after patch after patch every other day for bad products is considered good service.

[redrider90]

You mean Apple isn't a philanthropic not for profit organization ? Damn .

  Dusty

I own a Mac because they really are easier to use for those who do not think well with computers. My wife and brother are perfect examples of people who struggled to use windows and find it easier to use a Mac. They still do not find computers easy to use, but they find Macs easier to use than Windows.  Lots of people find Macs easier but not necessarily easy to use. Whether they are better computers is a fight I  could care less about.  I am glad I bought a handful of Apples shares. It has made me more than a few bucks.
As for their service I find it excellent. They do not always get it correct but there is easy access to Apple Care.

[Bill Hagan]

For the first year no, it`s called providing a service and it`s good.  Something Microsh-t doesn`t understand, unless providing free patch after patch after patch every other day for bad products is considered good service.

I thought NP's point was that there is no free lunch and thus that we Macsters paid for that in the "HOW MUCH!?!" sticker price for initial outlay, which I think is way more than what the "equivalent" PC, laptop, etc. costs.

I don't know enough to debate with the IT folks here over the merits of eating apples v. other types, but I do know I'll never leave the orchard.  Zero problems in 4+ years with our MacBook Pro 13's.  Worth the entry fee to us.

Bill

[oldbike54]

 Dang Harv , I thought YOU were a non profit  Yeah , Dave Barry wrote about how superior Macs were to any other computer , but all they are is a toy to me , so it doesn't matter .

  Dusty

[bad Chad]

Bingo Bill!  Perhaps one does pay a $100-$200 premium for a Mac, but over the course of a few years it pays for itself in spades. 

[redrider90]

Dang Harv , I thought YOU were a non profit  Yeah , Dave Barry wrote about how superior Macs were to any other computer , but all they are is a toy to me , so it doesn't matter .

  Dusty

I am an old hippie socialist who charges for his services. Never figured out how to understand the socialist side gets along with the capitalist side.
Constant conflict until the person is leaving my lab and they owe a few hundred $s and somehow the capitalist side always wins out.

[oldbike54]

 Harv , even us old socialist hippies gotta eat  Plus , gas ain't gettin any cheaper 

  Dusty

[redrider90]

Harv , even us old socialist hippies gotta eat  Plus , gas ain't gettin any cheaper 

  Dusty

Actually gas is cheaper. I filled the propane tank yesterday and it dropped $.75 gallon the week before. Saved $200 dollars! Hot dang.

[redrider90]

I wiped clean both my Macs tonight all things adobe and reinstalled with the new version with the patches.

[Kentktk]

Bingo Bill!  Perhaps one does pay a $100-$200 premium for a Mac, but over the course of a few years it pays for itself in spades.

Exactly, and in lack of frustration also!

[rodekyll]

Same here, all these internet issues are almost a 100% Microsoft/PC user problem. You would think people would get the clue.

Let's see . . . So far this year you've blamed Microsoft for the quality of Chinese manufacturing, made them responsible for urban planning, and made Bill Gates personally responsible for not building you a freeway bridge.  Now you're saying MS is responsible for an Adobe Flash hack.  This is beyond irrational.

Microsoft is not Adobe.  Flash is not a Microsoft product.  Flash works across all platforms, not just Microsoft.  The vulnerability is an attack on the internet, not Microsoft.  It is equal opportunity.  Those are the facts.  It's time to pull your head out of your ass.

[ITSec]

Regarding the merits of platforms and their relative potential to be attacked...

I have worked in and with IT since the late 70s. I have had DOS systems since they became available, my first Mac was a LISA, I have worked with STAR and PDP systems, Tandems, the many flavors of UNIX, mainframes, you name it, and all their successors right up to today - chest thumping now completed. 

I have in my home network several client systems in OS-X, Windows, and Linux flavors. I have several servers in Windows and Linux (and even a mainframe simulator). I have a number of virtual machine instances used to simulate environments at my customers' shops. This type of issue requires me to touch EACH of them, sometimes multiple times, to both secure my environment and to determine what to recommend to my clients who may not be able to simply disable a function as it may be used in their business; for example, one client delivers their HR training program using Flash content.

As was noted, this is a multi-platform attack and ALL operating systems are potential targets - period. Macs are not immune, Linux boxes are not, and neither old nor new Windows is 'safe'. If someone were silly enough to have Flash installed on a virtual machine operating in a mainframe system, it would also be vulnerable.

MAC is NOT better, or worse, than PC. Linux is NOT better, or worse, than Windows. I buy ThinkPads because I like them and they are high quality with good support. Are other laptops good choices? Sure.

Something I have told my customers, and those I am mentoring, for more than 25 years:

When it comes to IT, there is always more than one right answer - but for a given customer in a given situation with a given set of needs at a given time, there is almost always only one best answer. What is best for one is not what is best for another, and the responsibility of an IT adviser is to help a customer move from what works to what is best for them.

And to get back to the subject, Flash is no longer what is best when it comes to delivering multi-media content on the web. HTML5 is better, but still imperfect. Keep your eyes open for developments...

[Chuck in Indiana]

Bingo Bill!  Perhaps one does pay double for a Mac, but over the course of a few years it pays for itself in spades.

FTFY big boy.. 

[redrider90]

Let's see . . . So far this year you've blamed Microsoft for the quality of Chinese manufacturing, made them responsible for urban planning, and made Bill Gates personally responsible for not building you a freeway bridge.  Now you're saying MS is responsible for an Adobe Flash hack.  This is beyond irrational.

Microsoft is not Adobe.  Flash is not a Microsoft product.  Flash works across all platforms, not just Microsoft.  The vulnerability is an attack on the internet, not Microsoft.  It is equal opportunity.  Those are the facts.  It's time to pull your head out of your ass.

I have always considered adobe one big hack attack no matter which platform one is running. I spend a lot of time on my Macs trying to block and then finding and cleaning out cookies and LSOs that attach to adobe. I also have to go to adobe setting on their webpage to eliminate attachments.  Adobe is a platform designed to make it easier for "them" to follow us around and peak into our lives. I hate adobe.

[screamday]

Regarding the merits of platforms and their relative potential to be attacked...

Very well said IT. 

[Mayor_of_BBQ]

sounds like the sky is falling

I have never run any anti-virus on any desktop or laptop I've ever owned...  including Apples, PC's, and now a chromebook

I think I've had 3 desktops and now on my 3rd laptop total since 1998 and if I ever had a virus I never knew it.  Seems like a lot of work and hysteria to prevent what??  Stolen data? Slow machine? Rabies? Honestly, please someone tell me... what is the worst that can happen if I just ignore this like every other super-virus worm malware trojan wormhole thing that has been reported on in the last 15 years??