Full Disclosure: Re: Adobe Flash UpdateInstalls Other Warez without Consent

[Jeffrey Walton <noloader () gmail com>]

On Thu, Sep 6, 2012 at 1:26 PM, James Lay <jlay () slave-tothe-box net> wrote:
> On 2012-09-06 11:09, Jeffrey Walton wrote:
> > The company that writes the worlds most insecure software [1,2,3] has
> > figured out a way to further increase an attack surface.
> >
> > Adobe now includes additional warez in their updates without consent.
> > The warez includes a browser and tools bar. The attached image is what
> > I got when I agreed to update Adobe Flash because of recent security
> > vulnerability fixes.
> >
> > It appears Adobe has become a whore to Google like Mozilla.
> >
> > +1 Adobe.
> >
> > [SNIP]
> Perhaps someone didn't uncheck the checkbox on download....
Fortunately, I still had the browser Windows open (that was opened by
the update process):
https://get3.adobe.com/flashplayer/download/?installer=Flash_Player_11_for_Internet_Explorer.

No check boxes - only instructions to install.

Jeff

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/