Adobe Cautioning Users of Fake Flash Player Downloads

According to Adobe, hackers are using fake Flash Player downloads as bait in their socially engineered e-mails to spread malicious malware. Thus, the firm has urged users to verify the authenticity of installers prior to downloading the software updates.

Evidently, hackers have created a profile in Portuguese-language, containing a link pointing to a video, which on clicking begins downloading the supposed Flash Player. However, in its place, ten types of malware designed to capture banking information are planted on the unwary computer.

According to Adobe, the social-engineering tactic of labeling malicious program as authentic software has been used since long. But, since Flash is widely used on Websites, majority of the users has loaded Flash Player to display the content.

However, Adobe recommends users to download Flash Player from adobe.com only instead of following links given on social-networking Websites that redirect to other sites purportedly hosting Flash Player, as those Websites could contain malware. In an advisory, the company said that if any user gets the download from an unknown IP address or a similar URL, then he should question its validity, as reported by Washingtonpost on August 5, 2008.

Adobe further said that Flash Player available on the company's Website has the digital signature and authenticated by the Windows OS at the time of installation. To confirm if the Flash Player installer is real, users can right-click on the application to choose "properties" and then click the "digital signatures" button. With that, the publisher's name "Adobe Systems Incorporated" should get displayed.

Besides, while installing Adobe's Flash Player on Windows, a dialog box for verification shows up that reveals the publisher's name - 'Adobe Systems Incorporated.' However, this may not be sufficient to confirm the validity of software. Therefore, users are suggested to click on the 'name of the publisher' and check for the digital certificate and the Certificate Authority that approved it.

Meanwhile, since Adobe has updated Flash Player a number of times in 2008 on account of other security problems, it might not appear surprising to find an upgrade notice, although a false one. The latest version is reportedly 9.0.124.0.

Related article: Adobe Rates Acrobat Vulnerabilities “Critical”

» SPAMfighter News - 18-08-2008

All SPAMfighter products offer a free trial!

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail, Windows Live Mail and Thunderbird.

Optimize your Slow PC for better performance. Try FREE scan now

Disk space recovery
and disk optimization. Try FULL-DISKfighter free

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial.

Remove Spyware with SPYWAREfighter - Free 30 days trial

Antivirus software for your Windows PC - Free 30 days trial