There is a new mac os x trojan which tricks the user by posing as a flash upgrade. I downloaded a file which may be the trojan last week. It is called install_flash_player_osx_intel.dmg, and it is size 6,376,888 bytes. Today I went to get.adobe.com manually and downloaded the legitimate install_flash_player_osx_intel.dmg, and it is size 6,365,350 bytes.
I also acquired an application last Wednesday at the same time as the install_flash_player_osx_intel.dmg appeared, called 'Adobe Flash Player Install Manager' in my /Applications/Utilities directory.
Is the 6,376,888 bytes file legit? Is '/Applications/Utilities/Adobe Flash Player Install Manager' legit? Is there any published hash values for adobe software or other tools to ensure that what users download is the real software?
(Is everyone -- like me -- who turned on the 'Check for updates automatically' in the Flash pane of System Preferences a complete fool? Ok, I know the answer to that. *sigh*)
> Is '/Applications/Utilities/Adobe Flash Player Install Manager' legit?
Using flashplayer11_rc1_install_mac_090611.dmg from Adobe, Install Adobe Flash Player.app does write to that path. Here's an fseventer view of things: