How To + Recommended

How to Tell if Adobe Flash Player Update is Valid

Posted on March 8th, 2013 by

How to tell if Adobe Flash Player update is valid

There have been a lot of articles lately about security problems with Flash Player and recommendations to update Adobe plug-ins. But you may be wondering a few things, such as what the heck is a plug-in? How do you know if the version of Flash you have is the one that needs updating? And how do you make sure you’re as safe as possible when updating the software, given the constant flood of problems that are being reported? These are all valid concerns that we’ll clear up, putting your mind at ease when it comes time to update Adobe Flash Player.

What is a Plug-in?

Let's start with the basics. Plug-ins (or "plugins" – both are correct) are software elements used by web browsers, often to display certain types of content such as Flash or Java. Sometimes these come with your browser automatically, but sometimes you have to add them. When it comes to plug-ins, it can be hard to know what you have installed or what version you have.

Adobe's Flash Player is one of the most popular plug-ins on many websites, developed as multi-platform software for use on all the major operating systems. This plug-in provides what is called "Active Content," meaning it adds additional functionality to web pages for interactive or media-related capability.

What's the Security Concern with Plug-Ins?

These powerful applets can be embedded in web pages and provide the opportunity to access users across all operating systems, which means the software is a popular attack point for malware authors. For instance, it has been known for some time now that Java is not particularly safe, and the list of open issues does not seem to be decreasing. But Flash too has had its share of problems lately, which has led to Apple blocking older versions of the plug-in.

Flash was not included on iOS, in part because of these security vulnerabilities along with other performance issues. Although this has helped decrease the options malware authors have for attacking iDevices (remember when Steve Jobs took heat for the decision not to include Flash support in iOS?), Flash continues to be popular on many websites, and users are frequently prompted to update their software.

Sometimes multiple updates for Flash or Reader can occur in the same month. Adobe notifies Flash and Reader users of new available updates by displaying a notice regarding the availability of the new software. But when you see this type of notice from Adobe, how can you tell if the Flash update is valid or an attempt to install malware on your Mac?

How to Verify Which Flash Version You Have Installed

Your web browser can tell you the plug-ins you have installed and which versions:

  • In Safari, choose Help > Installed Plug-Ins. A web page will open in Safari that provides a list of the plug-ins, their versions, and the types of content they manage.
  • In Firefox, choose Tools > Add-Ons and choose the Plugins tab.
  • In Chrome, Flash Player will automatically be updated to the latest Google Chrome version, so you can rest assured the version you have is the latest.

As you can see, it’s pretty simple to find out which versions of software you are running. Now that you know, how can you tell if the versions you have installed are the latest versions? The answers vary depending on your browser, but the solutions are basic.

Blocked Plug-ins

If your Flash version is outdated and you use Safari, it's normal to see an error message indicating a blocked plug-in when trying to run any Flash content. Apple has a support page describing what you can do if you see this error message:

flash blocked plug-in

If you see a "Blocked Plug-in" alert when viewing Flash content in Safari, Adobe Flash Player is out of date.

If you're not using Safari, you should go directly to the source of the plug-ins for the information.

How to Verify the Latest Flash Version

If a Flash installer notice pops up and tells you that your software is outdated and to download and install a new version, you can check with Adobe to verify if an update is necessary. Type this web address directly into your browser address bar:

http://www.adobe.com/software/flash/about/

On this page, Adobe lists the latest Flash Player version information for all operating system platforms. The page also displays your current version information, helping you quickly and easily determine if you do in fact need to update your software. Whenever you have doubts about whether your software is up-to-date after receiving a Flash update notice, use these techniques to find out if you need to download new versions of your software.

Where to Get Trusted Adobe Updates

Because malware authors will frequently employ tricky tactics to make malware look like something you should trust, it's important to get your updates only directly from the vendor that publishes them. You can head over to Adobe's site for Flash Player updates. The same goes for Adobe Reader updates as well.

Why Flash Player Update Notices Can Be Problematic

The most widely known example of a fake Flash update is the Flashback Trojan horse, which first masqueraded as a Flash Player installer package targeting Mac users. Over 600,000 Mac users installed the fake update to Adobe Flash thinking it was valid, thereby infecting their machines with malware. The problem of identifying whether a Flash update notice is legitimate is a common concern among many users, but there are ways you can tell if that Flash Player update is real.

Flashback fake Flash update installer

Flashback's installer appears to be a valid Flash update, but how can you tell it's fake?

Due to the latest string of attacks coming through Adobe's software, many of you may opt not to install or run any Adobe software, and some of you may not know if you have browser plug-ins enabled. If you do use Adobe or aren't sure if you have the software enabled or which version of Flash you have, as we've discussed, there are ways to check for this information before downloading something from a possibly sketchy-looking Adobe Flash Player update notice.

Be Skeptical of Program Installers

If Flash or Reader plugins are enabled, Adobe will prompt users to download and install new updates with automatic update notices. However, it's a good idea to always doubt the validity of automatic software update notices, especially those for Adobe Flash Player or Adobe Reader. When visiting a web page, if you are asked to install a program or item on your machine, do not trust it and quit your browser.

Sometimes malware is served from a web page that looks like a program running on your machine or an open window on your desktop. For example, several variants of the Flashback Trojan served malware from web pages made to appear like your Flash plug-ins crashed and required an update using a fake Adobe Flash installer. If you ended up on a site that was serving Flashback malware, you would have seen something similar to this:

Crashed Flash plug-in graphic

The fake Adobe Flash installer screen pops up after the site displayed a crashed plug-in graphic and purported error messages.

Other examples of this type of malware scheme include tactics used by makers of the infamous fake antivirus for Macs commonly known as MacDefender. Therefore, you should only install programs on your system if you are confident knowing where exactly they came from.

With a seemingly endless onslaught of security issues associated with Flash Player, the importance of keeping all of your software updated cannot be stressed enough. It is one layer among many that keeps your digital life away from bad guys. If you update your software on a regular basis and follow these techniques to ensure safe software downloads, you'll never again have to second guess the validity of a random Flash installer notice.

  • Al Varnell

    Adobe has provided updater apps for the expressed purpose of providing a secure means of updating it’s apps. They took this action specifically to counter the types of browser notices that often lead to malware. There is even a feature to allow automatic updates which don’t require the user to guess whether the requests are valid or the need to locate the proper web site for safe downloads. I’m not sure why you would not encourage users to make use of these new, enhanced features?

  • webworld

    I have Adobe Flash CS5.5 (application) and Adobe Player. They have different versions.

    The Adobe Player is supposed to be updated what I followed the instruction above. It directed to Adobe Flash CS5.5 to be updated – instead of Adobe Player.

    Now, Adobe Flash’s version is 11.5.1.349 and Adobe Player’s version is 10.2.153.1. That does not make a sense to me. (iMac OS 10.8.3)

  • chuck

    Got a popup saying D/L Adobe Flash Player…I have that already…Didn’t say update but the company attached to it was AWIMBA LLC. I dumped the file. Does anyone know about this?

    • http://www.intego.com Intego

      You made the right call by not downloading/installing the file. If you get a suspicious Adobe Flash popup, feel free to submit any information you have about it to us, which you can do from here: http://www.intego.com/support/submit-malware We’ll take a look!

  • Danielle

    What do I do if I already downloaded a suspicious update?

    • LysaMyers

      Be sure to scan your machine with AV software – you can also send us the file for analysis: sample@virusbarrier.com

  • Elaine Morrison

    Thanks for that. I was wondering why random pages alerted me to updated versions while Adobe itself did not. Once one disabled flash entirely, and I ran script to prefer the Mac plug-in instead in order to get things running again. This time I didn’t trust it, and it turns out to be a good assumption.

  • Ramen

    My firefox tells me I have shockwave flash… from what I remember its not same as flashplayer is it? Flashplayer is nowhere to be seen in the plug-in section

    • http://www.intego.com Intego

      Names for Flash Player and its associated tools have changed many times, which is normal for many technology products. “Shockwave Flash” is more commonly known as Flash Player – even though, confusingly, there is also a Shockwave Player from Adobe. Flash Player plays Shockwave Flash (SWF) files, so it’s possible you may see it referred to as Shockwave Flash, which appears to be the case when checking Firefox plugins to verify which Flash version you have installed.

  • stevemusicmaker

    I know this article has been out there a while, and thank you Intego for keeping us informed and alerting us to potential vulnerabilities while taking time to respond to our questions and emails (Intego was invaluable during my Flashback malware infection in 2012, Arnaud, on the VirusBarrier Team, helped me clear my MacBook Pro (2009) of infection, since I was one of the 600,000 Mac users so affected! Thank You Arnaud and Intego, the VirusBarrier Team!),

    but I wonder why didn’t this article state the most secure AND EASY way for us to check on Flash Player and to update to latest version?

    Easy way to update to latest Flash Player version:

    1) Find the Apple Icon (Snow Leopard, upper left, under About this Mac)

    2) Choose ‘System Preferences’.

    3) Then on ‘System Preferences’ click ‘Flash Player’ at bottom under ‘Other’!

    This internal system by passes fake websites entirely and makes it far less likely to be fooled!

    4) Press the ‘check now’ button and your computer’s internal system will properly check and connect you to Adobe’s website!

    5) Follow all the prompts from Adobe for updating to latest version of Flash Player!

    Please tell me if this helps someone!

    Intego, why did you not suggest this, since it is the most ‘secure’ way to update Flash Player, eliminating the problem with phishing sites? Just wondering!

    • http://www.intego.com Intego

      This is very helpful, thank you.

      The steps you outlined are an easy way to check which Flash Player version you’re running and should have made it into our article. As you mentioned, because OS X’s internal system bypasses fake websites entirely and makes it far less likely for users to be fooled, this is perhaps the most secure method to check.

Join Our Awesome Email Newsletter

Enter your email address below to start receiving the best Mac Security Updates.

{"url":"\/marketo\/json\/add-to-newsletter","data":"list_name=Blog Roadblock"}