22 June 2016

Adobe Flash Player critical update recommended

As reported by Krebs On Security:
Adobe on Thursday issued a critical update for its ubiquitous Flash Player software that fixes three dozen security holes in the widely-used browser plugin, including at least one vulnerability that is already being exploited for use in targeted attacks.

The latest update brings Flash to v. 22.0.0.192 for Windows and Mac users alike. If you have Flash installed, you should update, hobble or remove Flash as soon as possible.

The smartest option is probably to ditch the program once and for all and significantly increase the security of your system in the process...

If you choose to update, please do it today.
Details and resource links here.

4 comments:

  1. any suggestions for a replacement after ditching?

    I-)

    ReplyDelete
  2. I strongly recommend removing it. For years Adobe has been a major vector for the most common type of attack faced by the average user, the so-called drive-by download.

    Using either flaws in flash or flaws in the adobe reader attackers will place malicious flash code or an embedded 1x1 pixel corrupt pdf in the corner of a page or in a hidden frame. This malformed code / pdf will cause the corresponding adobe product to malfunction in a way the attacker can use to gain a foothold on the system.

    For the reader I would recommend FoxIt as a replacement.

    Unfortunately there is no good Flash Player replacement at this time. But many people don't realize how strong the Flash-must-die movement has grown. For instance you can now watch all YouTube videos using HTML5 which is standard in modern browsers.

    Will there be cute time wasting games you will be unable to play without flash player? Absolutely. Will you bump in to the occasional site that requires it? Yes. I don't want to sugar coat it. But we are all better off if we drive flash to extinction in favor of HTML5.

    And you really should give HTML5 a chance to impress you. It can do a lot of things in an awesome standards compliant way instead of using proprietary adobe software.

    ReplyDelete
    Replies
    1. Here's a good link with instructions on how to disable Adobe Flash:

      http://www.tomsguide.com/us/disable-flash-how-to,news-21335.html

      Delete
    2. html5, of course! sometimes you get so narrow focused that you forget that html5 is (almost) everywhere.

      I-)

      Delete