get the latest version of Flash PlayerMost consumers are familiar with Adobe Reader,
Tarpsfor PDF files, and Adobe’s Flash Player
Tarpaulin. In the last year, a virtual epidemic of attacks has exploited their flaws; almost half of all attacks now come hidden in PDF files, Mr. Weafer said. “No matter what browser you’re using,” he said, “you’re using the PDF Reader, you’re using the Adobe Flash Player.”
Part of the problem is that many computers run old, vulnerable versions. But as of April, it has become easier to get automatic updates from Adobe, if you follow certain steps.
To update Reader, open the application and then select “Help” and “Check for Updates” from the menu bar. Since April, Windows users have been able to choose to get future updates automatically without additional prompts by clicking “Edit” and “Preferences,” then choosing “Updater” from the list and selecting “Automatically install updates.” Mac users can arrange updates using a similar procedure, though Apple requires that they enter their password each time an update is installed.
Adobe said it did not make silent automatic updates available previously
Tarpaulinbecause many users, especially at companies, were averse to them. To get the latest version of Flash Player, visit Abobe’s Web site.
Any software can be vulnerable. Windows PC users can identify vulnerable or out-of-date software using Secunia PSI, a free tool that scans machines and alerts users to potential problems.
An increasingly popular way to get attacks onto Web sites people trust is to slip them into advertisements, usually by duping small-time ad networks. Malvertising, as this practice is known, can exploit software vulnerabilities or dispatch deceptive pop-up messages.
A particularly popular swindle involves an alert that a virus was found on the computer, followed by urgent messages to
buy software to remove it. Of course, there is no virus and the security software, known as scareware, is fake. It is a ploy to get credit card numbers and $40 or $50. Scareware accounts for
Tarpshalf of all
Tarpaulinmalware delivered in ads, up fivefold from a year ago, Google said.