Plug-ins should check for updates
Posted by Maxim Weinstein Fri, 06 Jun 2008 16:44:00 GMT
Jon Kibler, a security guru, posted an e-mail to the DShield mailing list. He did such a good job making an important point that I requested his permission to repost part of his e-mail. He graciously agreed.
"The Adobe Flash Player issue brings up what I consider a critical question.
"Few (IMHO, very few) web browser plug-ins let you know when there are updates available. After playing around with Safari and Firefox, the only out-of-date plugins that I experimented with that told me they were out of date were the Acrobat Reader and QuickTime plugins. Even more scary—and I believe a fundamental problem with web plugin design—they did not provide an offer to update to a newer version until AFTER they had executed (potentially malicious) content."
Note that third-party products exist to help scan a computer for outdated software. StopBadware.org does not endorse particular products, but our friends over at Consumer Reports WebWatch do, and they mentioned such a product on their blog just the other day.

