Adobe Patches Cross-Platform Flash Vulnerabilities
On Monday, Adobe released important patches for its Flash Player across all platforms. The patches relate to several vulnerabilities in the Flash Player, several of which could potentially have allowed code execution on the target platform. Flash being used in numerous web advertisement platforms, this update is critical.
Just about every version of Flash was affected, from Flash for Windows 10 to Flash Player for Linux. It should be noted that the Linux vulnerability was rated a “3” in priority, whereas other platforms, including ChromeOS, were rated as “1” in priority, by Adobe’s own standards. Windows and Macintosh users who have enabled automatic updates will have already had their systems patched, but in order to check, a list of updated versions is available on the information page at Adobe.
Flash is Dead
Flash has been continually rocked by scandalous security flaws and widespread criticism over the past decade. It has become increasingly nearer to obsolescence as a result of standardized video streaming via HTML5, including Digital Rights Management-friendly HTML5 video such as that used on Netflix. In July, Mozilla began disabling Flash by default in response to earlier security vulnerabilities.
Members of both Google Project Zero and HP’s Zero Day Initiative, as well as about a dozen other individuals and groups, were to thank for the research on Flash Player 19 beta. Google Project Zero would have publicized the vulnerabilities after 90 days whether Adobe had fixed them or not, as they did with Microsoft Windows 10 earlier this year.
Many are predicting the impending end of Flash as YouTube and other major sites have begun to switch over to newer, more open, and more secure standards. It appears that before too long Flash’s primary use may be in advertising, which is mitigated by the widespread use of ad-blocking software. Lead YouTube engineer Richard Leider wrote of HTML5 video on the YouTube blog in July:
These advancements have benefitted not just YouTube’s community, but the entire industry. Other content providers like Netflix and Vimeo, as well as companies like Microsoft and Apple have embraced HTML5 and been key contributors to its success.
Featured image from Shutterstock.