computerwoche.de

Archiv

Old Flash for Snow Leopard, and Firefox Gets Fake Flash

04.09.2009
Here's a sneaky one for you. According to Sophos, a piece of spyware is masquerading as a Flash player plug-in for Firefox. Its installation screen looks legit (per ), and it will even show up thereafter in the list of Firefox extensions as "Adobe Flash Player 0.2."

But you don't get video with this plugin - instead, it will spy on your Google searches and send the data to a "remote server," and will also insert ads onto Web pages you view.

The Sophos post says this baddie is spreading via Internet forums, and makes the obvious point that you should be careful with downloads from untrusted sources. You can also improve your security by sending downloads to , where you can get a scan from Sophos and 40 other antivirus engines before installing (for Firefox add-on links you can right-click and choose "Save Link As" to save the .xpi file, which can then be uploaded).

Flash concerns continue with Snow Leopard, which is reportedly shipping with an old and insecure version (10.0.23.1) of the program. According to a from Intego, you'll end up with this unsafe Flash version after upgrading to Snow Leopard even if you had a new, fixed version of Flash beforehand. As pointed out in the Intego post, you can check your current version of Flash at , and download the from Adobe.