Full Disclosure mailing list archives
Re: Adobe Flash UpdateInstalls Other Warez without Consent
From: "Michael D. Wood" <mike () itsecuritypros org>
Date: Fri, 07 Sep 2012 18:31:29 -0400
You guys are acting like Jeffrey is a newb to all this stuff. I'm sure he knows what mbam and spybot are, and is able to scan his machine. I'm sure he knows to go straight to the source when downloading flash player, albeit Adobe does include the annoying toolbar unless you choose not to install. -- Michael D. Wood ITSecurityPros.org www.itsecuritypros.org ----- Reply message ----- From: "Mark" <boogiebruva () yahoo co uk> To: <noloader () gmail com> Cc: "Full Disclosure b" <full-disclosure () lists grok org uk>, "BugTraq" <bugtraq () securityfocus com> Subject: [Full-disclosure] Adobe Flash UpdateInstalls Other Warez without Consent Date: Fri, Sep 7, 2012 5:32 pm You didn't download it from download.cnet.com, by any chance? Sounds more like an infection to me. For windows, download and run the following programs. http://www.filehippo.com/download_malwarebytes_anti_malware/ http://www.filehippo.com/download_spybot_search_destroy/5168/ http://www.filehippo.com/download_superantispyware/ On 06/09/2012 19:09, Jeffrey Walton wrote:
The company that writes the worlds most insecure software [1,2,3] has figured out a way to further increase an attack surface. Adobe now includes additional warez in their updates without consent. The warez includes a browser and tools bar. The attached image is what I got when I agreed to update Adobe Flash because of recent security vulnerability fixes. It appears Adobe has become a whore to Google like Mozilla. +1 Adobe. [1] http://www.google.com/#q=Adobe+site%3Asecurityfocus.com. [2] http://web.nvd.nist.gov/view/vuln/search-results?query=adobe&search_type=all&cves=on [3] http://lastwatchdog.com/adobe-surpasses-microsoft-favorite-hackers-target/ [4] http://www.theregister.co.uk/2009/12/29/security_predictions_2010/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Adobe Flash UpdateInstalls Other Warez without Consent Michael D. Wood (Sep 07)
- Re: Adobe Flash UpdateInstalls Other Warez without Consent Mark (Sep 07)
- Re: Adobe Flash UpdateInstalls Other Warez without Consent Christian Sciberras (Sep 08)
- Re: Adobe Flash UpdateInstalls Other Warez without Consent Benji (Sep 08)
- Re: Adobe Flash UpdateInstalls Other Warez without Consent Georgi Guninski (Sep 08)
- Re: Adobe Flash UpdateInstalls Other Warez without Consent Christian Sciberras (Sep 08)
- Re: Adobe Flash UpdateInstalls Other Warez without Consent Mark (Sep 07)
- <Possible follow-ups>
- Re: Adobe Flash UpdateInstalls Other Warez without Consent Michael D. Wood (Sep 09)