Coping with Flash vulnerabilities
Posted: Wed Feb 04, 2015 8:47 pm
Two recently-reported Flash Player vulnerabilities (CVE-2015-0313 and -0311) are leading me to block most Flash videos.
The short form of this question is: How do I best use NoScript or FlashGot, in dealing with this situation?
I have NoScript (for years, and I love it!) ... but I never bothered with FlashGot; I've had little need to download Flash videos, but do watch them online occasionally (or "did," until now!).
Is there a NoScript setting that will block all Flash video from all sources, unless I explicitly override on a case-by-case basis? (I'm unlikely to override until they fix this!)
I suppose I could simply delete the vulnerable versions of Flash Player... but it's not clear to me, yet, how much (if any) of the vulnerability is "in the video," vs. how much is "in the player."
The short form of this question is: How do I best use NoScript or FlashGot, in dealing with this situation?
I have NoScript (for years, and I love it!) ... but I never bothered with FlashGot; I've had little need to download Flash videos, but do watch them online occasionally (or "did," until now!).
Is there a NoScript setting that will block all Flash video from all sources, unless I explicitly override on a case-by-case basis? (I'm unlikely to override until they fix this!)
I suppose I could simply delete the vulnerable versions of Flash Player... but it's not clear to me, yet, how much (if any) of the vulnerability is "in the video," vs. how much is "in the player."