Adobe Rushes Another Patch For Critical Flash Player Exploit To Battle-Worn Users

occupy flash
It seems as though most (if not all) Internet users are awaiting the day when Adobe Flash is finally eradicated from the face of the earth. The Adobe Flash Player plugin has long been a security liability, resource nightmare and battery hog (for mobile users). Although Adobe has announced that it is winding down the use of Flash in favor of HTML5 development, we still have to deal with critical exploits until judgment day arrives.

Hence the company has rushed out an emergency patch for Adobe Flash player. According to Adobe, the most serious exploit, CVE-2016-1010, has already been “used in limited, targeted attacks.” In all, the latest security bulletin covers over 20 known security issues in Adobe Flash Player across all major operating system (Windows, OS X, Linux).

The latest bugs squashed range from integer overflows leading to code execution, use-after-free vulnerabilities, heap overflows and memory corruption vulnerabilities.

adobe flash player

Adobe announced the impending death of Adobe Flash back in early December, writing, “Flash has played a leading role in bringing new capabilities to the web. From audio and animation, to interactivity and video, Flash has helped push the web forward.” But the company went on to acknowledged that Flash’s time has likely passed, adding, “Today, open standards like HTML5 have matured and provide many of the capabilities that Flash ushered in.

“Our customers have clearly communicated that they would like our creative applications to evolve to support multiple standards and we are committed to doing that.”

Before Adobe made its announcement about the retirement of Flash in favor of the Animate CC Suite, the tech industry had already made its mind up about Flash. Amazon, Google and Firefox all gave Flash the boot, while more companies including Facebook have abandoned Flash in favor of HTML5. In early February, Google also announced that it would no longer Flash display ads to be uploaded to AdWords and DoubleClick as of June 30th and it will no longer accept the Flash format on the Google Display Network or through DoubleClick starting January 2nd, 2017.

It should be also noted that Adobe Flash Player ended 2015 with over 300 exploits being discovered.


Via:  Adobe
Show comments blog comments powered by Disqus