Google’s efforts to clean up ad injection on the web

A recent post on the Chrome blog discusses Google’s recent efforts to clean up the growing problem of ad injection on the web.

From the post: “Ad injectors are programs that insert new ads, or replace existing ones, into the pages you visit while browsing the web.” If you’re seeing a lot of advertising on all the sites you visit, and much of it seems unrelated to the site, your computer may be running one or more ad injectors.

Ad injectors are unwanted software that is surreptitiously installed on victims’ computers through a variety of tricks, including “marketing, bundling applications with popular downloads, outright malware distribution, and large social advertising campaigns.”

The ad injection ‘ecosystem’ is complex, and at any given time there are thousands of injection campaigns affecting web surfers.

To combat this problem, Google has identified and removed 192 apps – identified as contributing to ad injection systems – from the Chrome Web Store. Improvements in the Chrome Web Store and Chrome itself help to protect against ad injection software. And Google is reaching out to advertising networks, to assist them in eliminating ad injection. Most importantly, Google’s AdWords network policies have been tweaked, to make it more difficult for the perpetrators of ad injection schemes to promote malicious software.

Microsoft updates for May 2015

It’s the second Tuesday of the month, so Microsoft is pushing out another set of updates. This month there are thirteen updates, addressing about 50 vulnerabilities in Windows, Internet Explorer, .NET, Office, and Silverlight. Three are flagged as Critical.

As always with security updates affecting Windows, you should install these as soon as possible.

Two of the updates (MS15-044 and MS15-049) affect Silverlight. Once you install these updates, your version of Silverlight should be 5.1.40416.0, which you can confirm on the Get Silverlight page. Installing from that page will also update Silverlight to version 5.1.40416.0. That’s also the only way you can get the latest version if you’re using Windows XP.

Security updates for Adobe Flash and Reader

Updates for Flash and Reader/Acrobat, released earlier today by Adobe, address a variety of security vulnerabilities “that could potentially allow an attacker to take control of the affected system.”

Flash 17.0.0.188 includes fixes for at least eighteen vulnerabilities, all of which have been flagged as Critical.

Adobe Reader/Acrobat version 11.0.11 addresses seven Critical vulnerabilities.

Anyone still using Flash in a web browser should update Flash as soon as possible. If you use Adobe Reader to open PDF files from unknown sources, you should update Reader as soon as possible. As usual, newer versions of Internet Explorer will auto-update, as will Chrome (to version 42.0.2311.152).