Regular readers of this site will know that Adobe Flash, which is the software that plays many online videos and Web animations, isn't the most secure program. In fact, Adobe has to release updates monthly, or sometimes even weekly, to keep hackers from using flaws in Flash to invade people's computers.
That's especially bad news when Adobe is installed by default on just about every computer. We've told you in the past that you might not even need Flash, and how to disable it or remove it completely. At the very least, you need to update it as soon as new patches come out. Unfortunately, hackers found a way to make that advice work in their favor.
The hackers uploaded their own version of the code to at least 500 of PageFair's clients, and it was active for an hour and a half starting October 31 at 6:52 p.m. Eastern. When users visited those websites in that time period, they got a browser pop-up warning saying that a critical Flash update was available and they should install it right away.
Of course, if a user clicked on the update link, they got a virus installed on their computer instead of Flash. This is a good reminder to only install updates from the manufacturers website, or from within the program itself. You shouldn't trust pop-ups or warnings that appear in unusual locations.
It's also a good reminder that you need strong security software installed to keep viruses from taking hold on your computer.