Q

How to reduce the risk of Flash security issues

A rash of zero-day exploits has one organization looking for ways to reduce the risk posed by Flash running on endpoints.

In the wake of several Flash zero-day vulnerabilities, how can enterprises limit the risk posed by Flash on the

endpoint when it's a mission-critical must have?

Ask the Expert!

SearchSecurity.com expert Michael Cobb is standing by to answer your questions about enterprise application security and platform security. Submit your question via email. (All questions are anonymous.)

Adobe Systems has been kept busy this year releasing emergency updates to address Flash security issues as a result of zero-day vulnerabilities in the browser plugin. Some of the flaws were given a Priority 1 rating by Adobe, its highest threat level. If Flash is truly a mission-critical must-have for your users, then you have to stay on top of security bulletins from Adobe to ensure security announcements aren't missed. Sign up to Adobe's Security Notification Service and ensure your patch procedures can handle out-of-band emergency updates. Even though Adobe is now synchronizing its Flash Player security updates with Microsoft's Patch Tuesday, it may still issue emergency updates outside of this schedule to combat zero-day exploits.

You also need to keep other software up to date. For example, in Office 2008 and earlier versions, Flash Player content runs by default without sandbox protection. One of the most common Flash Player zero-day attack vectors has been malicious Flash content embedded in Microsoft Office documents delivered via email. Office 2010 offers some protection, as it includes a Protected Mode sandbox. If a document originates from the Internet or an Untrusted Zone, the Protected View feature can prevent Flash Player content from executing.

Users could be forced to use Google's Chrome browser for viewing Flash content. It runs Flash inside a "Pepper Flash" sandbox to isolate it from other processes the browser is running and provide a much more restrictive environment. Thus, even Windows XP users can have a sandboxed Flash. If Flash content that has to be accessed is hosted on trusted sites, then use the ActiveX filtering function in Internet Explorer 10 to stop the Flash Player from running except on these sites. If you host your own Flash content, you could disable Flash altogether and deliver your content using HTLM5. YouTube content runs perfectly well using the HTML5 player instead of the Flash player.

Finally, as many attacks exploit vulnerabilities in Adobe software, users should be regularly reminded of the dangers of opening unsolicited or unusual attachments or links.

This was first published in June 2013

Dig deeper on Securing Productivity Applications

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close