Flash is insecure. Here’s what to do about it NOW.

Adobe Flash used to be a popular way of displaying animated content, videos and sound on web sites. It was used by YouTube and the BBC for example. But it’s old technology now (most sites use HTML5 instead) and full of dangerous bugs that can allow hackers to take over your computer when you visit a normal web site. That’s a huge risk. Here’s a recent example¬†www.theregister.co.uk/2016/05/12/flash_zero_day_hole/

My first advice is to uninstall the Flash player from your computer (if you still have it installed) and just use the player that is built into your browser instead, because browsers are easier to keep updated and they run Flash in an isolated “sandbox”. In Windows 10, right click the “start” button at the bottom left of your screen, click Programs and Features, find the Adobe Flash Player and click to uninstall. In earlier versions, go to Control Panel > Programs > Uninstall a program instead. For Mac OSX you’ll need to run an uninstaller as described here helpx.adobe.com/flash-player/kb/uninstall-flash-player-mac-os.html

Second, prevent Flash running automatically in your browser. You can still run it when you need to on a trusted site by right-clicking. In Internet Explorer, click the gear icon, then Safety, then ActiveX Filtering. You want the check mark beside this option to show. In Chrome, type the address¬†chrome://settings/content into your address bar, scroll down to Plugins and select “Let me choose when to run plugin content”. In Firefox, click the menu button then Add-ons, Plugins, find Shockwave Flash and set it to Ask to Activate.

While you’re at it, if you still have QuickTime installed on a Windows computer you should uninstall that NOW as well, because it is no longer supported or patched and has critical vulnerabilities similar to Flash. It’s still supported on Mac OSX but I would avoid it. RealPlayer is also vulnerable and probably unneeded as well.