Go Back   MacRumors Forums > Apple Systems and Services > OS X

Reply
 
Thread Tools Search this Thread Display Modes
Old Apr 25, 2012, 02:56 PM   #1
doxavita
macrumors 6502a
 
Join Date: Jul 2010
Adobe Flash Player update pop-up: looks legit, but please tell me more...

With all this talk about the Flashback Trojan, thought I might ask a few things... My browser: Firefox (with the NoScript extension) OSX: Snow Leopard.

- Up until now, IF there was an Adobe Flash Player update, I would simply visit youtube.com and receive a pop-up which would look like the REAL version (If I recall correctly), as explained here: Flashback Virus? How do you know? and here: Is this a flashback trojan?
In Firefox I would then open my "Add-ons Manager" tab > go to "Plug-Ins" and compare the "Shockwave Flash" version with the one shown in Adobe - Install Adobe Flash Player IF there was an update indeed (newer version available), I would proceed with the pop-up I got from youtube.com: installing, providing my admin password and so on. In recent times I have gotten the pop-up WITHOUT visiting youtube, but again, the update pop-up looks legit, so most likely they simply added an automatic check upon loading my browser. Like I mentioned I have the NoScript extension, so I would have to enable all scripts first before anything malicious can run, I think.

- UPDATE: Now in fact I just got the pop-up again (suggesting to update from version: 11.2.202.228 to version 11.2.202.233) and know it's best to get the update directly from Official Adobe Flash Player page . So how do I go about this now?: IF I get the pop-up, do I just click on "REMIND ME LATER" or close it, go to the official Adobe Flash Player page, download their OFFICIAL installer, and then just run it? or do I have to uninstall my flash player each time there's an update before running the OFFICIAL installer? Is there any danger on clicking "REMIND ME LATER" or closing it if the pop-up isn't legit?

- Under "System Preferences" > Other > Flash Player, do I have to change any settings?

-I have already made sure I have the latest "Software Update". So in a sense, IF I had Flashback, that would automatically protect AND "cure" my system?

-I checked my downloads folder: Only flash related installer I have is: "install_flash_player_osx_intel.dmg (which I obviously don't want to open), but I assume this is a legit installer from the time my Mac was new and the trojan wasn't around yet.

So:

- Is it safe to assume I do NOT have the trojan?

- How can I tell if I have it?

- The ONLY way to get it is by visiting a malicious website?

- Is this the trojan that spreads through a Chinese PDF?

I already tested for the other Flashback trojan variation (the one that spreads through a JAVA exploit), with those terminal commands, and it seems I'm clean.

Thanks for all your help!
doxavita is offline   0 Reply With Quote
Old Apr 25, 2012, 03:19 PM   #2
GGJstudios
macrumors Westmere
 
Join Date: May 2008
Find your Flash version and make sure it's the latest version available. Never install or update Flash from a pop-up on a website, including YouTube. Always go to Adobe's site to get Flash or updates.
GGJstudios is offline   0 Reply With Quote
Old Apr 25, 2012, 03:46 PM   #3
doxavita
Thread Starter
macrumors 6502a
 
Join Date: Jul 2010
I went to "System Preferences" > Flash Player , and under "Advanced" > Updates > Switched to "Never check for updates (not recommended)", that way I won't get any pop-ups again, right? And I would manually update each time...

Is it safe to say I don't have the trojan at this moment?, Could you please answer some of the other questions?

Thanks.
doxavita is offline   0 Reply With Quote
Old Apr 25, 2012, 03:53 PM   #4
GGJstudios
macrumors Westmere
 
Join Date: May 2008
Quote:
Originally Posted by doxavita View Post
I went to "System Preferences" > Flash Player , and under "Advanced" > Updates > Switched to "Never check for updates (not recommended)", that way I won't get any pop-ups again, right? And I would manually update each time...

Is it safe to say I don't have the trojan at this moment?, Could you please answer some of the other questions?

Thanks.
If you have run Software Update on Snow Leopard or Lion, it's save to assume you're not infected.

Macs are not immune to malware, but no true viruses exist in the wild that can run on Mac OS X, and there never have been any since it was released over 10 years ago. The only malware in the wild that can affect Mac OS X is a handful of trojans, which can be easily avoided by practicing safe computing (see below). Also, Mac OS X Snow Leopard and Lion have anti-malware protection built in, further reducing the need for 3rd party antivirus apps.
Mac Virus/Malware FAQ
  1. Make sure your built-in Mac firewall is enabled in System Preferences > Security > Firewall

  2. Uncheck "Open "safe" files after downloading" in Safari > Preferences > General

  3. Disable Java in your browser. (For Safari users, uncheck "Enable Java" in Safari > Preferences > Security.) This will protect you from malware that exploits Java in your browser, including the recent Flashback trojan. Leave this unchecked until you visit a trusted site that requires Java, then re-enable only for the duration of your visit to that site. (This is not to be confused with JavaScript, which you should leave enabled.)

  4. Change your DNS servers to OpenDNS servers by reading this.

  5. Be careful to only install software from trusted, reputable sites. Never install pirated software. If you're not sure about an app, ask in this forum before installing.

  6. Never let someone else have access to install anything on your Mac.

  7. Don't open files that you receive from unknown or untrusted sources.

  8. For added security, make sure all network, email, financial and other important passwords are long and complex, including upper and lower case letters, numbers and special characters.

  9. Always keep your Mac and application software updated. Use Software Update for your Mac software. For other software, it's safer to get updates from the developer's site or from the menu item "Check for updates", rather than installing from any notification window that pops up while you're surfing the web.
That's all you need to do to keep your Mac completely free of any Mac OS X malware that has ever been released into the wild. You don't need any 3rd party software to keep your Mac secure.
GGJstudios is offline   -1 Reply With Quote
Old Apr 25, 2012, 04:12 PM   #5
doxavita
Thread Starter
macrumors 6502a
 
Join Date: Jul 2010
Quote:
Originally Posted by GGJstudios View Post
If you have run Software Update on Snow Leopard or Lion, it's safe to assume you're not infected.
Great!

I'm a Firefox user. It seems that in order to disable Java here I have to open the "Add-ons Manager" tab again, go to "Plug-ins" and disable: "Java Plug-In 2 for NPAPI Browsers 13.7.0", Just curious, is this the latest version for the Java Plugin?, whenever I run "Software Update" and Apple addresses an update, is this plug-in version directly affected/ modified?

UPDATE: I can still run Java programs, right? (outside of my firefox browser), no flashback danger there?

Last edited by doxavita; Apr 25, 2012 at 04:27 PM.
doxavita is offline   0 Reply With Quote
Old Apr 26, 2012, 05:56 PM   #6
GGJstudios
macrumors Westmere
 
Join Date: May 2008
Quote:
Originally Posted by doxavita View Post
UPDATE: I can still run Java programs, right? (outside of my firefox browser), no flashback danger there?
Correct.
GGJstudios is offline   0 Reply With Quote

Reply
MacRumors Forums > Apple Systems and Services > OS X

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Similar Threads
thread Thread Starter Forum Replies Last Post
Is this a legit Adobe update or a virus? xriderx11 Mac Applications and Mac App Store 20 Nov 14, 2013 12:44 PM
Can't update Sophos Antivirus, Can't install Adobe Flash Player. Please help! Aj09 Mac Applications and Mac App Store 8 Sep 13, 2013 09:09 AM
Adobe Flash Player help bluebird3 Mac Basics and Help 6 Jul 22, 2013 04:11 PM
Am I The Only One Who Can't Update Adobe Flash Player? 53kyle OS X Mavericks (10.9) 4 Jun 14, 2013 03:29 AM
Adobe Releases Flash Player Update to Patch Security Holes as Apple Blocks Earlier Versions MacRumors MacRumors.com News Discussion 162 Feb 15, 2013 09:48 PM

Forum Jump

All times are GMT -5. The time now is 02:07 AM.

Mac Rumors | Mac | iPhone | iPhone Game Reviews | iPhone Apps

Mobile Version | Fixed | Fluid | Fluid HD
Copyright 2002-2013, MacRumors.com, LLC