How to freeze your credit with all three agencies

September 22, 2017


Generated button

  • Online: Visit the Credit Freeze page here
  • By phone: 1-888-909-8872
  • By mail: Request your credit freeze by certified mail using this sample letter. Please note the attachments you must include.
    • Use the following address:
      • TransUnion LLC
        P.O. Box 2000
        Chester, PA 19016


Generated button

  • Online: Visit this page to freeze your credit with EquifaxImportant note: With such high traffic to the website, if you can’t get your request processed, just wait about a week and try again.
  • By phone: 1-800-685-1111 (NY residents please call 1-800-349-9960)
  • By mail: Request your credit freeze by certified mail using this sample letterPlease note the attachments you must include.
    • Use the following address:
      • Equifax Security Freeze
        P.O. Box 105788
        Atlanta, GA 30348


Generated button

  • Online: Visit the Credit Freeze page here
  • By phone: 1-888-EXPERIAN (1-888-397-3742). When calling, press 2 and then follow prompts for security freeze.
  • By mail: Request your credit freeze by certified mail using this sample letter. Please note the attachments you must include.
    • Use the following address:
      • Experian Security Freeze
        P.O. Box 9554
        Allen, TX 75013

What exactly is a credit freeze?

A credit freeze allows you to seal your credit reports and use a personal identification number (PIN) that only you know and can use to temporarily “thaw” your credit when legitimate applications for credit and services need to be processed. The added layer of security means that thieves can’t establish new credit in your name even if they are able to obtain your personal information.

Freezing your credit files has no impact whatsoever on your existing lines of credit, such as credit cards. You can continue to use them as you regularly would even when your credit is frozen.

Freezes have been available for free to victims of identity theft for some years, but recently all three of the major credit bureaus adopted new rules that now allow non-victims to have access to credit freezes as well for a small fee. In addition, most states and Puerto Rico have adopted laws establishing credit freezes for residents of their state.

Residents of various states may also freeze the credit reports of their minor children. Visit the National Conference of State Legislatures to see what the law is in your state.

The cost ranges from about $3 to $10 per person per bureau to freeze a credit report; a couple of states have higher fees.

*When you do a credit freeze, it is imperative that you freeze your credit with all three bureaus.*

When shouldn’t you freeze your credit?

If your credit reports are accessed often for work or because you create new accounts with various financial institutions on a regular basis, it is not recommended that you freeze your accounts. The costs to regularly “thaw” your reports would tend to be excessive.

How/when to thaw your credit

The cost to “thaw” your reports for one creditor — or for a specific period of time — ranges from free to $10.

Four states remove your credit freeze automatically after seven years. These states are Kentucky, Nebraska, Pennsylvania and South Dakota.

In most states, your credit freeze remains permanently on your files until you request removal. But not so in the states listed above, according to the Consumers Union’s guide to security freeze protection.

If you’re a resident of one of these states, pay close attention. You’ll need to set some kind of calendar reminder for seven years from the date of placement. That will serve as a reminder to refresh your credit freeze status before it drops off your radar completely and you go months or years without this key protection against identity theft!

Below you’ll find directions and links to assist you in obtaining your credit freeze or thaw from each major bureau.

Detailed instructions: How to freeze and thaw your credit with each agency


  • Credit freezes may be done online or by certified mail – return receipt requested.
  • Check your state’s listing for the exact cost of your credit freeze and to see if there is a reduction in cost if you are a senior citizen.
  • Request your credit freeze by certified mail using this sample letter. Please note the attachments you must include.
  • If your PIN is late arriving, call 1-888-298-0045. They will ask you for some ID and arrange for your PIN to be sent to you in 4-7 days.
  • Unfreeze: Do a temporary thaw of your Equifax credit freeze by snail mailonline or by calling 1-800-685-1111 (N.Y. residents dial 1-800-349-9960).
  • Info on freezing a child’s credit with Equifax can be found here.
  • If requesting a freeze by mail, use the following address:
    • Equifax Security Freeze
      P.O. Box 105788
      Atlanta, GA. 30348


  • Credit freezes may be done online; by certified mail – return receipt requested; or by calling 1-888-EXPERIAN (1-888-397-3742). When calling, press 2 then follow prompts for security freeze.
  • Check your state’s listing for the exact cost of your credit freeze and to see if there is a reduction in cost if you are a senior citizen.
  • Request your credit freeze by certified mail using this sample letter. Please note the attachments you must include.
  • You can also freeze a child’s credit report. The information contained at this link is applicable for all three credit bureaus. You must first write a letter to each bureau to learn if your minor child has a credit report and if so, then you can proceed to freeze it.
  • Unfreeze: Do a temporary thaw of your Experian credit freeze online or by calling 1-888-397-3742.
  • Info on freezing a child’s credit with Experian can be found here.
  • If requesting a freeze by mail, use the following address:
    • Experian
      P.O. Box 9554
      Allen, TX. 75013


  • Credit freezes may be done online, by phone (1-888-909-8872) or by certified mail – return receipt requested.
  • Check your state’s listing for the exact cost of your credit freeze and to see if there is a reduction in cost if you are a senior citizen.
  • Request your credit freeze by certified mail using this sample letter. Please note the attachments you must include.
  • Unfreeze: Do a temporary thaw of your TransUnion credit freeze online or by calling 1-888-909-8872.
  • Info on freezing a child’s credit with TransUnion can be found here.
  • If requesting a freeze by mail, use the following address:
    • TransUnion LLC
      P.O. Box 2000
      Chester, PA 19016

The Equifax Breach: What You Should Know

September 22, 2017

It remains unclear whether those responsible for stealing Social Security numbers and other data on as many as 143 million Americans from big-three credit bureau Equifax intend to sell this data to identity thieves. But if ever there was a reminder that you — the consumer — are ultimately responsible for protecting your financial future, this is it. Here’s what you need to know and what you should do in response to this unprecedented breach.

Some of the Q&As below were originally published in a 2015 story, How I Learned to Stop Worrying and Embrace the Security Freeze. It has been updated to include new information specific to the Equifax intrusion.

Q: What information was jeopardized in the breach?

A: Equifax was keen to point out that its investigation is ongoing. But for now, the data at risk includes Social Security numbers, birth dates, addresses on 143 million Americans. Equifax also said the breach involved some driver’s license numbers (although it didn’t say how many or which states might be impacted), credit card numbers for roughly 209,000 U.S. consumers, and “certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers.”

Q: Was the breach limited to Americans?

A: No. Equifax said it believes the intruders got access to “limited personal information for certain UK and Canadian residents.” It has not disclosed what information for those residents was at risk or how many from Canada and the UK may be impacted.

Q: What is Equifax doing about this breach?

A: Equifax is offering one free year of their credit monitoring service. In addition, it has put up a Web site — — that tried to let people determine whether they were affected.

Q: That site tells me I was not affected by the breach. Am I safe?

A: As noted in this story from Friday, the site seems hopelessly broken, often returning differing results for the same data submitted at different times. In the absence of more reliable information from Equifax, it is safer to assume you ARE compromised.

Q: I read that the legal language in the terms of service that consumers must accept before enrolling in the free credit monitoring service from Equifax requires one to waive their rights to sue the company in connection with this breach. Is that true?

A: Not according to Equifax. The company issued a statement over the weekend saying that nothing in that agreement applies to this cybersecurity incident.

Q: So should I take advantage of the credit monitoring offer?

A: It can’t hurt, but I wouldn’t count on it protecting you from identity theft.

Q: Wait, what? I thought that was the whole point of a credit monitoring service?

A: The credit bureaus sure want you to believe that, but it’s not true in practice. These services do not prevent thieves from using your identity to open new lines of credit, and from damaging your good name for years to come in the process. The most you can hope for is that credit monitoring services will alert you soon after an ID thief does steal your identity.

Q: Well then what the heck are these services good for?

A: Credit monitoring services are principally useful in helping consumers recover from identity theft. Doing so often requires dozens of hours writing and mailing letters, and spending time on the phone contacting creditors and credit bureaus to straighten out the mess. In cases where identity theft leads to prosecution for crimes committed in your name by an ID thief, you may incur legal costs as well. Most of these services offer to reimburse you up to a certain amount for out-of-pocket expenses related to those efforts. But a better solution is to prevent thieves from stealing your identity in the first place.

Q: What’s the best way to do that?

A: File a security freeze — also known as a credit freeze — with the four major credit bureaus.

Q: What is a security freeze?

A: A security freeze essentially blocks any potential creditors from being able to view or “pull” your credit file, unless you affirmatively unfreeze or thaw your file beforehand. With a freeze in place on your credit file, ID thieves can apply for credit in your name all they want, but they will not succeed in getting new lines of credit in your name because few if any creditors will extend that credit without first being able to gauge how risky it is to loan to you (i.e., view your credit file). And because each credit inquiry caused by a creditor has the potential to lower your credit score, the freeze also helps protect your score, which is what most lenders use to decide whether to grant you credit when you truly do want it and apply for it.

Q: What’s involved in freezing my credit file?

A: Freezing your credit involves notifying each of the major credit bureaus that you wish to place a freeze on your credit file. This can usually be done online, but in a few cases you may need to contact one or more credit bureaus by phone or in writing. Once you complete the application process, each bureau will provide a unique personal identification number (PIN) that you can use to unfreeze or “thaw” your credit file in the event that you need to apply for new lines of credit sometime in the future. Depending on your state of residence and your circumstances, you may also have to pay a small fee to place a freeze at each bureau. There are four consumer credit bureaus, including EquifaxExperianInnovis and Trans Union.  It’s a good idea to keep your unfreeze PIN(s) in a folder in a safe place (perhaps along with your latest credit report), so that when and if you need to undo the freeze, the process is simple.

Q: How much is the fee, and how can I know whether I have to pay it?

A: The fee ranges from $0 to $15 per bureau, meaning that it can cost upwards of $60 to place a freeze at all four credit bureaus (recommended). However, in most states, consumers can freeze their credit file for free at each of the major credit bureaus if they also supply a copy of a police report and in some cases an affidavit stating that the filer believes he/she is or is likely to be the victim of identity theft. In many states, that police report can be filed and obtained online. The fee covers a freeze as long as the consumer keeps it in place. Consumers Union has a useful breakdown of state-by-state fees.

Q: But what if I need to apply for a loan, or I want to take advantage of a new credit card offer?

A: You thaw the freeze temporarily (in most cases the default is for 24 hours).

Q: What’s involved in thawing my credit file? And do I need to thaw it at all three bureaus?

A: The easiest way to unfreeze your file for the purposes of gaining new credit is to spend a few minutes the phone with the company from which you hope to gain the line of credit (or research the matter online) to see which credit bureau they rely upon for credit checks. It will most likely be one of the major bureaus. Once you know which bureau the creditor uses, contact that bureau either via phone or online and supply the PIN they gave you when you froze your credit file with them. The thawing process should not take more than 24 hours, but hiccups in the thawing process sometimes make things take longer. It’s best not to wait until the last minute to thaw your file.

Q: It seems that credit bureaus make their money by selling data about me as a consumer to marketers. Does a freeze prevent that?

A: A freeze on your file does nothing to prevent the bureaus from collecting information about you as a consumer — including your spending habits and preferences — and packaging, splicing and reselling that information to marketers.

Q: Can I still use my credit or debit cards after I file a freeze? 

A: Yes. A freeze does nothing to prevent you from using existing lines of credit you may have.

Q: I’ve heard about something called a fraud alert. What’s the difference between a security freeze and a fraud alert on my credit file?

A: With a fraud alert on your credit file, lenders or service providers should not grant credit in your name without first contacting you to obtain your approval — by phone or whatever other method you specify when you apply for the fraud alert. To place a fraud alert, merely contact one of the credit bureaus via phone or online, fill out a short form, and answer a handful of multiple-choice, out-of-wallet questions about your credit history. Assuming the application goes through, the bureau you filed the alert with must by law share that alert with the other bureaus.

Consumers also can get an extended fraud alert, which remains on your credit report for seven years. Like the free freeze, an extended fraud alert requires a police report or other official record showing that you’ve been the victim of identity theft.

An active duty alert is another alert available if you are on active military duty. The active duty alert is similar to an initial fraud alert except that it lasts 12 months and your name is removed from pre-approved firm offers of credit or insurance (prescreening) for 2 years.

Q: Why would I pay for a security freeze when a fraud alert is free?

A: Fraud alerts only last for 90 days, although you can renew them as often as you like. More importantly, while lenders and service providers are supposed to seek and obtain your approval before granting credit in your name if you have a fraud alert on your file, they are not legally required to do this — and very often don’t.

Q: Hang on: If I thaw my credit file after freezing it so that I can apply for new lines of credit, won’t I have to pay to refreeze my file at the credit bureau where I thawed it?

A: It depends on your state. Some states allow bureaus to charge $5 for a temporary thaw or a lift on a freeze; in other states there is no fee for a thaw or lift. However, even if you have to do this once or twice a year, the cost of doing so is almost certainly less than paying for a year’s worth of credit monitoring services. Again, Consumers Union has a handy state-by-state guide listing the freeze and unfreeze laws and fees.

Q: What about my kids? Should I be freezing their files as well? Is that even possible? 

A: Depends on your state. Roughly half of the U.S. states have laws on the books allowing freezes for dependents. Check out The Lowdown on Freezing Your Kid’s Credit for more information.

Q: Is there anything I should do in addition to placing a freeze that would help me get the upper hand on ID thieves?

A: Yes: Periodically order a free copy of your credit report. By law, each of the three major credit reporting bureaus must provide a free copy of your credit report each year — via a government-mandated site: The best way to take advantage of this right is to make a notation in your calendar to request a copy of your report every 120 days, to review the report and to report any inaccuracies or questionable entries when and if you spot them. Avoid other sites that offer “free” credit reports and then try to trick you into signing up for something else.

Q: I just froze my credit. Can I still get a copy of my credit report from 

A: According to the Federal Trade Commission, having a freeze in place should not affect a consumer’s ability to obtain copies of their credit report from

Q: If I freeze my file, won’t I have trouble getting new credit going forward? 

A: If you’re in the habit of applying for a new credit card each time you see a 10 percent discount for shopping in a department store, a security freeze may cure you of that impulse. Other than that, as long as you already have existing lines of credit (credit cards, loans, etc) the credit bureaus should be able to continue to monitor and evaluate your creditworthiness should you decide at some point to take out a new loan or apply for a new line of credit.

Q: Can I have a freeze AND credit monitoring? 

A: Yes, you can. However, it may not be possible to sign up for credit monitoring services while a freeze is in place. My advice is to sign up for whatever credit monitoring may be offered for free, and then put the freezes in place.

Q: Beyond this breach, how would I know who is offering free credit monitoring? 

A: Hundreds of companies — many of which you have probably transacted with at some point in the last year — have disclosed data breaches and are offering free monitoring. California maintains one of the most comprehensive lists of companies that disclosed a breach, and most of those are offering free monitoring.

Q: I see that Trans Union has a free offering. And it looks like they offer another free service called a credit lock. Why shouldn’t I just use that?

A: I haven’t used that monitoring service, but it looks comparable to others. However, I take strong exception to the credit bureaus’ increasing use of the term “credit lock” to steer people away from securing a freeze on their file. I notice that Trans Union currently does this when consumers attempt to file a freeze. Your mileage may vary, but their motives for saddling consumers with even more confusing terminology are suspect. I would not count on a credit lock to take the place of a credit freeze, regardless of what these companies claim (consider the source).

Q: I read somewhere that the PIN code Equifax gives to consumers for use in the event they need to thaw a freeze at the bureau is little more than a date and time stamp of the date and time when the freeze was ordered. Is this correct? 

A: Yes. However, this does not appear to be the case with the other bureaus.

Q: Does this make the process any less secure? 

A: Hard to say. An identity thief would need to know the exact time your report was ordered. Unless of course Equifax somehow allowed attackers to continuously guess and increment that number through its Web site (there is no indication this is the case). However, having a freeze is still more secure than not having one.

Q: Someone told me that having a freeze in place wouldn’t block ID thieves from fraudulently claiming a tax refund in my name with the IRS, or conducting health insurance fraud using my SSN. Is this true?

A: Yes. There are several forms of identity theft that probably will not be blocked by a freeze. But neither will they be blocked by a fraud alert or a credit lock. That’s why it’s so important to regularly review your credit file with the major bureaus for any signs of unauthorized activity.

Q: Okay, I’ve got a security freeze on my file, what else should I do?

A: It’s also a good idea to notify a company called ChexSystems to keep an eye out for fraud committed in your name. Thousands of banks rely on ChexSystems to verify customers that are requesting new checking and savings accounts, and ChexSystems lets consumers place a security alert on their credit data to make it more difficult for ID thieves to fraudulently obtain checking and savings accounts. For more information on doing that with ChexSystems, see this link

Q: Anything else?

A: ID thieves like to intercept offers of new credit and insurance sent via postal mail, so it’s a good idea to opt out of pre-approved credit offers. If you decide that you don’t want to receive prescreened offers of credit and insurance, you have two choices: You can opt out of receiving them for five years or opt out of receiving them permanently.

To opt out for five years: Call toll-free 1-888-5-OPT-OUT (1-888-567-8688) or visit The phone number and website are operated by the major consumer reporting companies.

To opt out permanently: You can begin the permanent Opt-Out process online at To complete your request, you must return the signed Permanent Opt-Out Election form, which will be provided after you initiate your online request. 


From: Brian Krebs

Scams, what can you do?

February 16, 2017

Phone scams are nothing new but with a new one going around lately I figured it may be a pertinent thing to talk about. Lately there has been a scam going around where a recording will call your phone and ask if you can hear them, if you say yes your answer is recorded and used to sign you up for all sorts of things without your knowledge just with your answer. It is important to remember to be cautious when you answer your phone just as you would be visiting sites online.

While I understand this may not be possible for everyone I believe a good rule of thumb is to not answer phone numbers you are unsure about, essentially screening your calls. This is something I always do, if the number does not show up on my caller ID as a number I have saved I just don’t answer. If you don’t want to do that another idea is to inquire more information from the caller on the other end, for example instead of just answering a question asking simple things like “who is this?” or “what is this about?” Never just answer a question if you are unsure of who you are speaking to, even if it seems innocent and harmless.

It is important to protect ourselves from strangers who are seeking to do us some sort of harm, even over the phone. For some these things may seem like common sense but it is important to remember and remind us of them every so often. So a word to the wise, be careful when you pick up your phone, not everyone who calls you is your friend 😉

Coupon App to save you $$$ this holiday season and beyond!

December 13, 2016

I just downloaded an App called Honey. This is a coupon app that was originally created by a dad whom apparently just wanted to save a few dollars on pizza but it has become a great money saving tool among millennials. I have an android phone and I am not sure if there is an App for iOS users or not. It seems very user friendly thus far, the first thing I found upon opening the app was a list of local gas prices with the lowest already listed before you even open up the whole list of prices, score!

I need to use the App for a few days before I can give a full report or opinion but so far it seems like a wonderful tool. Things are  categorized by “local” “weekly ad” “favorites” “latest” and so on with a search option, notifications, favorites, and a bar-code search among other menu options. It also breaks things down by type such as “Store” “Restaurant”  and expiration dates of offers. I’m excited to use this for a week or so and report back with my official opinion of “Honey”. Stay tuned!


Using Minecraft to teach Kid’s Programming

November 18, 2016

If you have small children (or big ones) or like the game yourself then you’ve probably heard of Minecraft. Microsoft announced recently that it wants to teach kids to not only play the game but program the game as well. It has been said that coding and programming will be an essential skill in our children’s future and it looks like Microsoft wants to jump on that bandwagon, but who could blame them.

On Tuesday the company released a tutorial for which is a non-profit sponsored by many tech companies to get kids into programming. The tutorial uses “Lego-like” puzzle pieces snapped together in a certain sequence to control an on-screen character, puzzles and video tutorials attempt to explain programming concepts. Many schools are also on board to teach kids coding and programming skills as well.

I think this is a fantastic effort by Microsoft to take an already popular game and get kids involved in a way that could give them vital skills for their future. Bravo Microsoft! Bravo!




Windows 10 Update KB194496

October 14, 2016

In the never-ending saga of Windows 10, Microsoft has recently pushed another update and surprise surprise its broken! The name of the update is KB194496 and its causing widespread problems for users. It doesn’t install correctly, it causes machines to restart and in some cases the update will attempt to install again after the restart causing a never-ending loop of restarts and re-install attempts. Most but not all users have reported issues. What’s even worse is Microsoft was aware of the issue before releasing.


How much more can Microsoft upset consumers with Windows 10? How will Microsoft rectify the current issue? And when will they stop forcing unwanted things onto their customers? I’m willing to bet blame will always be placed elsewhere and not much will come of a hopeful handle on quality control. How has this updated impacted you? Are you still a satisfied Microsoft customer?

Microsoft’s Timesheet App for iOS

September 23, 2016

Microsoft has released an app called “Office365 Project Time Reporter” that allows you to keep track of and submit your hours from your mobile device (currently only if that device is an Apple product but Microsoft claims a version for Android will be available soon). The app allows you to keep track of hours, non-project work and assignments and save for later editing and submission. All of this is completely independent of location and allows you to input whatever you need to wherever you may be at the time. I am optimistic for this app just for the simple fact of being able to add to, revise and submit your hours regardless of where you are.

I think the app would work great for someone who travels out of the office a lot for work or someone who works from home a lot and is seldomly in the office. Not only can you keep track of hours and projects you can also keep track of overdue tasks and also submit task updates to keep your boss informed of your progress if a project is particularly long. I think the app will come in handy for many business owners and their employees and I applaud Microsoft for its creation.


Can Samsung repair the damage?

September 15, 2016

Samsung has recently pulled it’s commercial for the Note 7 off of the air after the large recall of Note 7 phones due to exploding batteries. They’ve basically given up hope of restoring peoples faith in the smart phone and are hoping to focus energies on an early release of the S8 an S8 edge. But this begs the question, can Samsung repair the damage? Sure they can issue consumers who’ve already bought the Note 7 a new handset, but who is to say that one won’t explode too? They can try to make people forget by releasing the latest version of the S a bit early but is that really going to help? Samsung has already undergone a lot of bad press as of recent and releasing a new version of the S may not be all they need to come back from it. What many, my self included, find interesting is their lack of marketing during this time to try to pull more consumers in. They’ve instead focused their already purchased ad space on things like refrigerators and and TV’s. With Apple about to release their latest iPhone, can Samsung repair the damage that has been done quickly enough to regain profits undoubtedly lost? I suppose time will tell….

RE: Microsoft Confirms Windows 10 New Monthly Charge.

August 26, 2016

So by now I’m sure most of you have heard that Microsoft has announced and confirmed that Windows 10 will now be a subscription service. What does this mean for consumers? Well apparently not much, yet, as Microsoft has also stated that this subscription fee will be for enterprises only. But for how long? How much trust are we willing to instill in that “promise?” We are talking about the company who went in and automatically upgraded users to the service without their permission or knowledge. I’m sure eventually Windows 10 will be a fee-based service for all who use it; Even if you don’t have to incur the fees automatically, like probably those who have already upgraded, I’m sure little features here and there will start having some fee attached to them.

My thoughts? Why fix something that isn’t broken. What I mean by that is, what was wrong with windows 7 or 8? Why do you or I or any average Joe computer user need windows 10? Most millennials don’t even have home computers anymore anyways. Want to save a buck, or 7? Stick to a slightly older but more than sufficient version of Windows and go buy yourself a drink or take yourself to dinner instead ;).

The Flash Patch and the Shocking truth about Shockwave Player

September 21, 2015

Adobe has released a critical software update to fix nearly two-dozen security holes in its Flash Player browser plugin. Separately, I want to take a moment to encourage users who have Adobe Shockwave Player installed to finally junk this program; turns out Shockwave — which comes with its own version of Flash — is still many versions behind in bundling the latest Flash fixes.

If you use and need Flash Player, it’s time to update the program (the latest version is for Windows and Mac users). Google Chrome and Internet Explorer bundle their own versions of Flash (also now at v.; each should auto-update to the latest. Find out if you have Flash installed and its current version number by visiting this page.

Adobe said it was unaware of any exploits in the wild for the vulnerabilities fixed in this Flash release. Nevertheless, I would recommend that if you use Flash that you strongly consider removing it, or at least hobbling it until and unless you need it. Disabling Flash in Chrome is simple enough, and can be easily reversed: On a Windows, Mac, Linux or Chrome OS installation of Chrome, type “chrome:plugins” into the address bar, and on the Plug-ins page look for the “Flash” listing: To disable Flash, click the disable link (to re-enable it, click “enable”). Windows users can remove Flash from the Add/Remove Programs panel, or use Adobe’s uninstaller for Flash Player.

If you’re concerned about removing Flash altogether, consider a dual-browser approach. That is, unplugging Flash from the browser you use for everyday surfing, and leaving it plugged in to a second browser that you only use for sites that require Flash.

If you decide to proceed with Flash and update, the most recent versions of Flash should be available from the Flash home page, but beware potentially unwanted add-ons, like McAfee Security Scan. To avoid this, uncheck the pre-checked box before downloading, or grab your OS-specific Flash download from here. Windows users who browse the Web with anything other than Internet Explorer may need to apply this patch twice, once with IE and again using the alternative browser (Firefox, Opera, e.g.).


In other Adobe patch news, on Sept. 8, 2015 I urged readers who have the Shockwave media player installed to update to the latest version or else junk the program altogether. In an post more than a year ago, I outlined Why You Should Ditch Adobe Shockwave, noting that the program bundles a component of Adobe Flash that was more than 15 months behind on security updates.

I checked back with Adobe last week to find out whether the version of Shockwave that the company released earlier this month is caught up on Flash flaws. Turns out, it’s still woefully behind. The version of Shockwave released just two weeks ago bundles the Flash runtime, a version of Flash that Adobe released in February 2015.

Translation: The version of Shockwave that Adobe released two weeks ago lacks fixes for a whopping 155 vulnerabilities in Flash that can be used to backdoor virtually any computer running it! Included in those missing fixes are patches for a half-dozen Flash flaws that were being actively exploited at the time they were fixed in Flash Player.

Not sure whether your computer has Shockwave installed? If you visit this link and see a short animation, it should tell you which version of Shockwave you have installed. If it prompts you to download Shockwave (or in the case of Google Chrome for some reason just automatically downloads the installer), then you don’t have Shockwave installed. To remove Shockwave, grab Adobe’s uninstall tool here. Mozilla Firefox users should note that the presence of the “Shockwave Flash” plugin listed in the Firefox Add-ons section denotes an installation of Adobe Flash Player plugin — not Adobe Shockwave Player.