Home Security Real Threat: Unknown Flash Plugins and Add-ons

Real Threat: Unknown Flash Plugins and Add-ons

Flash addons and plugins threat

For years Adobe Flash Player has been widely used, but over the recent years downloading and installing unknown plugins, add-ons and codecs has become a high risk for security. Actually, it is the most preferred way for cybercriminals to attack online users all over the world. The risks are so high that Adobe, the developers of Flash Player, released a security alert regarding the multimedia player that led to Firefox temporarily blocking the Flash Player plugin for security purposes.

While there are risks to using Adobe Flash Player, it is the extras that really increase the risk of being hacked. These extras, such as add-ons and plugins, state they offer a service that may be an advantage to you, but the reality is, they could be malicious and contain a virus or malware that allows access to your computer and its files.

Avoid being a victim

Flash player plugin not installed

The quickest way to avoid becoming a victim to malware and viruses is simply to avoid installing anything you are not 100% sure about. However, with over 20,000 apps available that require Adobe Flash Player there may be situations where you need to install a plugin or add-on and it is your only option. In these cases, it is important to know what to look for so you can stay protected and safe from cyber attacks.

How a cyber attack is done

Fake video player ilivid example

Because knowledge is the first step in staying protected, the following is the process of a cyber attack:

  1. A user visits a legitimate website containing an infected banner.
  2. The infected banner detects any vulnerabilities on the user’s PC, then sends information to the malicious server.
  3. Hackers use vulnerabilities to infect PC with encrypted payload (data packet) in the form of a non-malicious downloads, plugins, codecs, or add-ons. The infected banner has successfully gained access to your PC.
    Shockwave flash plugin crashed scam
  4. The data packet then communicates with the malicious server and does as instructed by cybercriminals: encrypts data, collects confidential information, and so on. This goes undetected by antivirus software.

Staying updated is important

One more fake flash player update notification

The number one cause of cyber attacks being so high is due to the length of time between an official update for Flash Player or plugins/add-ons and the time users actually take time to update them. Adobe released information that indicated that most people update within 6 weeks of a new release, but in the world of cyber security six weeks is a really long time.

An update is released to patch the vulnerabilities that could be detected in your plugin, add-on or codecs. By not updating, cybercriminals have more time to take advantage of these vulnerabilities and use infected extras to reach your computer and control it.

How to update Adobe Flash Player properly

For those who simply do not know how to update Adobe Flash Player safely, below are the steps you should take to make sure your security is up to date at all times.

1. First, you can visit this link to detect the version of your Flash Player:


install flash player

If you are not currently up to date, visit Adobe Flash Player’s download site:


2. Select the operating system and browser you are using.

Note: The Adobe download page offers to install optional software prior to download, such as McAfee Security Scan or Google Chrome. If you do not want these installed, make sure to uncheck the checkboxes.

3. Download the installer.

4. Prior to running the installer, close all of your browser windows and be sure you have the privilege to install new apps.

5. Run the installer and follow the instructions.

Updating Flash for Google Chrome

Google Chrome automatically updates its version of Flash, but you will have to keep the browser updated. They refer to it as Pepper Flash Player.

Note: If you have disabled the default Pepper Flash Player, Chrome will revert to using the downloaded plugin if installed, in this case updating Flash Player would be the same as with other browsers described above.

How to remove viruses and malware

plugin error

If your computer is suddenly running slower than normal or you suddenly start experiencing all types of pop-ups, you are probably infected already. In this case, you need to take care of it quickly. The following steps explain how.

1. Boot in safe mode

When you boot the computer, hit F8 key repeatedly, this should take you to the Advanced Boot Options menu where you can choose to boot in safe mode with networking.

2. Delete temporary files

While in safe mode, delete temporary files first. This can help decrease the time it takes to run a virus scan and possibly get rid of some malware too. To do this, open your Disk Cleanup tool.

3. Download malware scanners

You are now ready to run the malware scanners which usually get most if not all of the infections out. Malwarebytes is one of the best malware scanners out there – and it is free.

If you already have an antivirus program, it is recommended to use a different one for the scan. However, no scanner is 100% effective as there are millions of malware types out there.

We hope these tips will help you keep your system nice and clean from viruses and malware agents hiding in fake Flash add-ons and plugins.