Adobe Issues Yet Another Emergency Flash Update

AlphaAtlas

[H]ard|Gawd
Staff member
Joined
Mar 3, 2018
Messages
1,713
Yesterday, Adobe pushed out an emergency update to Flash. According to Adobe, the "critical" vulnerability could lead to arbitrary code execution, putting any browser that autoruns flash plugins at serious risk. In a deviation from their usual policy of issuing security updates on patch Tuesday, Microsoft already pushed out a fix via Windows Update. All this probably sounds familiar, as Flash has suffered from similar "critical" vulnerabilities in recent years. Fortunately, Adobe has plans to retire the software in 2020, but I wouldn't be surprised if more critical vulnerabilities pop up before then.

Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address a critical vulnerability in Adobe Flash Player 31.0.0.148 and earlier versions. Successful exploitation could lead to arbitrary code execution in the context of the current user. Technical details about this vulnerability are publicly available.
 

Bigbacon

Fully [H]
Joined
Jul 12, 2007
Messages
18,649
they should just kill it now, 100%. Stop allowing it to be downloaded, send an update that uninstalls the damn thing from the computer or at least destroys it enough that it can't be used.
 

katanaD

[H]ard|Gawd
Joined
Nov 15, 2016
Messages
1,987
and the fun side of this.. client got a message they needed to update flash yesterday.. opens browser to search for flash.. and downloads it from crappy infested site.. oh joy
 

benedict

n00b
Joined
Nov 13, 2018
Messages
37
they should just kill it now, 100%. Stop allowing it to be downloaded, send an update that uninstalls the damn thing from the computer or at least destroys it enough that it can't be used.
How about no? Flash is awesome.
 

Nobu

Supreme [H]ardness
Joined
Jun 7, 2007
Messages
5,904
they should just kill it now, 100%. Stop allowing it to be downloaded, send an update that uninstalls the damn thing from the computer or at least destroys it enough that it can't be used.
I thought they were going to kill it shortly after they stopped supporting npapi, and then enabled html5 export on their flash tools, but I guess not.
 

Merc1138

2[H]4U
Joined
Sep 25, 2010
Messages
2,128
How about no? Flash is awesome.
Flash needed to die 15 years ago. Make it open source, let someone else develop a player for it so people can keep playing their favorite ytmnd and newgrounds animations from 2003 or whatever, and get that crap off out of modern browsers completely. It's been nothing but a security mess from almost the start.
 

benedict

n00b
Joined
Nov 13, 2018
Messages
37
Flash needed to die 15 years ago. Make it open source, let someone else develop a player for it so people can keep playing their favorite ytmnd and newgrounds animations from 2003 or whatever, and get that crap off out of modern browsers completely. It's been nothing but a security mess from almost the start.
It's not more dangerous than any random executable you download from the internet.
 

DedEmbryonicCe11

[H]ard|Gawd
Joined
Jun 6, 2006
Messages
1,589
Fortunately, Adobe has plans to retire the software in 2020, but I wouldn't be surprised if more critical vulnerabilities pop up before then.
So in other worlds, we'll still need to update it regularly in 2022-23 because old software never gets retired on schedule.
 

Merc1138

2[H]4U
Joined
Sep 25, 2010
Messages
2,128
Didn't know people still use flash. Why is flash still alive?
Apparently because people like benedict above want it? There's all sorts of companies and organizations that still use flash on their websites, and it's completely absurd. Of course the real reason they don't update is because they don't have to.
 

Dead Parrot

2[H]4U
Joined
Mar 4, 2013
Messages
2,831
and the fun side of this.. client got a message they needed to update flash yesterday.. opens browser to search for flash.. and downloads it from crappy infested site.. oh joy

Wonder if they used one of the sites offering infected installers that really do provide a current clean copy of flash while the installer infects the machine. Says something when even the bad guys won't use flash.

If you are on the art/pretty web design side of things, flash probably is good and wonderful. For those that have to clean up the trail of flash malware infected machines, it needs to die 5 years ago.
 

Zarathustra[H]

Fully [H]
Joined
Oct 29, 2000
Messages
31,890
Jesus. Why is Flash still a thing in 2018.

Can't we just kill off support for it already? Block it in all the major browsers forcing all sites out there to redesign their pages or be unusable, and just have it over and done with.
 

Galvin

2[H]4U
Joined
Jan 22, 2002
Messages
2,697
I don't even use it anymore. And if a website uses it, I don't use the website
 

Ranulfo

2[H]4U
Joined
Feb 9, 2006
Messages
2,319
It has been auto turned off in Firefox for months hasn't it? I'd practically forgotten about it and hadn't updated it in a few months till recently.
 

Zarathustra[H]

Fully [H]
Joined
Oct 29, 2000
Messages
31,890
I mean, I don't have the flash plugin installed. I think Chrome has its own sandboxed version of flash built into the browser, but I am not 100% sure. I believe you have to manually allow it in the last several versions, but I am not sure about that either. I can't remember.
 
D

Deleted member 243478

Guest
Would someone just take it around the back and put a bullet in its head.
 

daglesj

Supreme [H]ardness
Joined
May 7, 2005
Messages
5,367
What I love is the "Steve Jobs Killed Flash!" articles.

Well he was certainly the slowest killer in history I guess.
 
Top