Smiley's Life

SmileyBarry

A geek, gamer and programmer from Israel. I'm primarily a PC gamer with a few PS3 games. I usually post gaming-related content, music and my own thoughts on plenty of things.

Home
Tumblogs
Archive
Subscribe (RSS)
Contact
Random Post
Twitter

Catching Elephant is a theme by Andy Taylor
Social Network Icon Pack by Komodo Media

 

Security tip: Disable unneeded plug-ins

A little while ago, I visited a site which apparently uses browser exploits to infect PCs. Someone who tried to visit it got a notice from his AntiVirus, saying the virus was “JS/Exploit.Pdfka.NXM Trojan”. A short search has shown this is common among PDF files. Luckily, I had Adobe’s “Reader” plug-in disabled in Chrome. If it wasn’t, I may’ve had a virus right now. (Just in case, a virus scan is currently running in the background.)

Cases like this prove just how unsafe plug-ins can be. I suggest to disable any plug-ins you don’t use in your everyday life. It helps lighten the load on your system and lowers the chance a website could infect your computer (without downloading and installing something). To do this on Chrome, click the wrench icon at the right border of the toolbar, and click “Options”. Then switch to the third tab - “Under the Hood” (“Under the Bonnet” for me) - and click on “Content Settings…”. Pick the tab or list item “Plug-ins” (depending on Chrome’s version), and click on the link “Disable individual plug-ins…”.

I suggest disabling the following:

  • “Chrome PDF Viewer” and “Adobe Reader 9” - I don’t like to be surprised with PDFs in my browser. If I want to view a PDF, I’ll just download it like any other file and then use a PDF viewer application to view it. PDF plug-ins tend to take a while to load, plus if you don’t disable them, you can be surprised with carefully-crafted, malicious PDF files.
  • “Microsoft® DRM” - What the hell is this thing? I certainly haven’t used it until now, so why should it be enabled?
  • Java 6” - Java takes a while to load and allows embedded Java to run like a native app, making it a security risk. I barely use Java anyway, so if I ever run into a case where I absolutely need to use Java, and the widget is safe, I’ll enable it.

Plug-ins can be dangerous and pose a security risk due to various exploits that keep getting discovered every now and then. That is why it is recommended to disable those you don’t or won’t use. (Or ones that are more vulnerable to hacks than others, like PDF plug-ins.)