Tech Made Simple

Hot Topics: How to Fix Bluetooth Problems | The Best Holiday Gifts | Best Fitness Trackers Under $50 | Complete Guide to Facebook Privacy

Use It

author photo

Make Your Browser More Secure by Disabling These 3 Plugins

by on March 17, 2016
in Computer Safety & Support, Computers and Software, Tips & How-Tos, Windows 10 :: 9 comments

How to disable easily exploitable plug-ins

If you visited the New York Times, the BBC, MSN or AOL within the last week, you may have unsuspectingly fallen victim to malware, according to reports from multiple internet security firms. The ads on these sites and many others are allowing this bad software to be installed on your computer, according to Trend Micro. But you can avoid this problem by disabling or uninstalling the three common browser plug-ins Microsoft Silverlight, Adobe Flash and Java.

People with malicious intent can buy something called an exploit kit to install onto their servers. These exploit kits look for software vulnerabilities within people’s devices. Once the kit finds the best way in, it can install malware onto a device by exploiting the security hole.

So say you visited the New York Times last week. A certain set of code on the page directs your browser to connect to an advertising network’s server and show you advertisements. Unfortunately, one of the ad networks the Times uses was recently compromised, directing site visitors to a malicious server that delivers the Angler exploit kit. Angler, which according to Trend Micro exploits security flaws in browser plug-ins like Adobe Flash and Microsoft Silverlight, is then able to download malware and ransomware onto the site visitor’s computer.

Plug-ins are a remnant of a bygone Internet era. Back in the day, browsers didn’t include ways to watch videos or play animations. So third party companies created plug-ins, small programs (separate from the browser) that do the job. Now, most browsers include the code to do these jobs natively. And for other new capabilities, developers are creating extensions, or add-on features of the browser, which don't have the vulnerabilities of plug-ins. Websites have mainly adapted to this change. For instance, YouTube doesn’t use Flash to play videos anymore and Netflix doesn’t use Silverlight.

Just because you're not using a plug-ins, that doesn't mean you aren't vulnerable. Even if a plug-in isn’t required for any of  the websites you visit, it’s still installed and can leave you vulnerable, especially if it's not kept up to date. And that means exploit kits like Angler can install malware onto your computer.

The three most-exploited plug-ins are Silverlight, Flash and Java. So you should check which plug-ins are installed in your browser and uninstall or disable them.

How to disable plug-ins

If you use Chrome, type "chrome://plugins/" into your search bar and press enter. If you want to disable them temporarily, just click “Disable.” If you receive messages on certain sites that you need to run these plug-ins, just follow the same instructions and press “Enable,” instead.

Firefox users should type "about:addons" into their browsers, then select “Plugins” at the left of the window. This will open a page that shows all of the plug-ins installed in Firefox. You can then choose whether you want to activate the plug-in always, never or after asking permission.

If you’re still using Internet Explorer (although you really shouldn’t be because Microsoft isn’t updating the browser anymore, leaving you even more vulnerable to attacks), click the Tools button, then select Manage add-ons. In Show, click All Add-ons, then select the particular add-on you want to turn off, hitting disable.

Safari users should click Preferences from the Safari menu, click the Security tab, then click the Plug-in Settings button. You can then turn the plug-ins on or off.

Microsoft Edge users don’t have to worry about plug-ins, because they’re not even available on the browser.

How to uninstall plug-ins

Since plug-ins are programs, you'll have to uninstall them the same way you would any other program. 

If you’re a Windows 10 user, go to Settings > System > Apps & features and search for the plug-in you’re looking for. You can then select “Uninstall.” For earlier versions of Windows go to Control Panel > Programs and Features an select the program you want to uninstall and click on "Uninstall.". 

Mac users have a few more steps for their process. Open Finder, then select “Go,” then “Computer,” and open your startup disk. The majority of users’ startup disk is called “Macintosh HD.” Open the Library folder and then the Internet Plug-ins folder. From there, you can right click on any of the plug-ins that are outdated or that you don’t use and send them to the trash.

For an added layer of security, check out our guide to the best antivirus software.

[Concept of network security via enzozo/Shutterstock]



Discussion loading

gravatar

AdBlockers 4 Ever !

From Ernesto Colina on March 17, 2016 :: 12:32 pm

And then they are crying why we use Adblockers.
It’s like the saying : “Always use protection”.

Reply

gravatar

browser details

From Rich on March 17, 2016 :: 5:00 pm

“Now, most browsers include the code to do these jobs natively.”
Do you have a list of those versions that do?

Reply

avatar

All the major browsers

From Josh Kirschner on March 21, 2016 :: 5:51 pm

Any of the major browsers will come preinstalled with code to handle video, either using Flash or html 5, or both. Safari is the one exception that come to mind that requires you to add a Flash plugin manually. Other browsers, like TOR, will have Flash disabled by default to maintain anonymity will browsing (it’s possible to use Flash to uncover your true IP address).

Reply

gravatar

thanks

From Rich on March 21, 2016 :: 5:59 pm

Thanks for the response. Reading between the lines, all the older versions (on older OS machines) will NOT have this “preinstalled” software, then. In other words, all the updates issued by Safari, for instance, for older OS will still need Flash, etc. Right?

Reply

avatar

OS X and above did not incude Flash

From Josh Kirschner on March 21, 2016 :: 6:08 pm

Apple stopped including Flash starting with OS X. Though it’s possible to install manually, as you would any other plugin. You may be able to get away without it. But Flash is still used in many web apps and you may find certain features or sites don’t work without it.

gravatar

plugins??

From Mary Ellen Hatcher on March 17, 2016 :: 7:39 pm

How do I know if I need the plugins?
widevine content decryption module
native client
adobe flash player
chrome pdf viewer

Reply

avatar

You will get prompted to enable or install if needed

From Josh Kirschner on March 21, 2016 :: 5:59 pm

Those plugins are all standard Chrome features, but you may not need the top three. The Widevine Decryption plugin is used for viewing copy-protected videos on Netflix and other services. Native client is used by some games and other apps, but not common. Adobe Flash we discuss above. Chrome PDF viewer you should keep because it allows you to view PDF documents directly through the browser, rather than downloading the, and then opening in Adobe.

If you ever disable a plugin and then an app needs it in the future, you’ll get a notification and you can always re-enable it.

Reply

gravatar

IE11

From Bob on March 25, 2016 :: 3:07 am

IE11 still gets monthly updates.

Reply

gravatar

Plugins removed

From Ruth Ann Copeland on April 10, 2016 :: 5:23 pm

To make Mac faster and safer you recommend getting rid of Adobe Flash Player.  I did and now I can’t listen to AM radio or play Yahoo games.  What do you recommend downloading that is safe to listen to AM radio and play games?

Thank you,

Ruth Ann

Reply

© 2015 Techlicious LLC. Home | About | Meet the Team | Sponsorship Opportunities | Newsletter Archive | Contact Us | Terms of Use | Privacy Policy

site design: Juxtaprose