Less than a month after a critical Flash vulnerability allowed an attacker to take control of a Mac, Adobe has issued an emergency update for yet another critical flaw. The latest one is already being exploited by ransomware that encrypts Windows PCs, but while there’s no known exploit for OS X as yet, Adobe says that the same vulnerability exists on all platforms, and users should update immediately …
Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and ChromeOS. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.
Adobe is aware of reports that CVE-2016-1019 is being actively exploited on systems running Windows 10 and earlier with Flash Player version 20.0.0.306 and earlier.
Apple often blocks vulnerable versions of Flash in Safari, but as that takes time, it’s best not to rely on this. You can update your version of Flash by visiting Adobe’s update page and hitting the ‘Install now’ button. Flash updates should, of course, be refused from other sites as it’s not unusual for malware-infected fake versions to be offered.
Given the succession of vulnerabilities found in Flash, Steve Jobs’ 2010 essay seems as relevant today as it was then. With an increasing number of people opting to zap Flash from their systems altogether, I think I’m going to try the experiment myself.
Via and photo: Reuters
FTC: We use income earning auto affiliate links. More.
why can’t we just get rid of flash?
It shouldn’t be much longer since Adobe renamed Flash Professional to Animate CC and moved to html5.
You can, and you should!
I uninstalled Flash years ago. I like not needing to update Flash every few weeks.
im on mac… but a few sites still insist on using it…
i just wish all sites will move away from it.
I don’t use flash.
……. and the BBC still insist on Adobe Flash for their news sites on OSX. Why?
My efforts to get a response from the BBC have, so far, failed.
As a world leader in providing news, it is about time that they realised that their are alternatives such as HTML5. They manage for iOS so why not Mac OS?
I am being forced to change my home page to other news providers, which is something I really don’t want to do, just so that I don’t have the bother of dealing with updates to another buggy version from Adobe every week or so.
Hi
You can access the BBC sites in OS X and view content without Flash.
This link explains how…
http://briarkitesme.com/2015/01/26/how-to-nuke-adobe-flash-but-still-access-content/
Flash should go the way of the other dinosaurs – extinction!
I don’t use flash or Java as I see then as very vulnerable points of entry to create havoc and destruction on my systems.
It becomes a real problem for imbedded systems. At work we have a few devices that use old Java for the GUI. They’re behind firewalls and non-public networks so there’s not much risk, but since the self-signed certs were cause for blocking we’re all stuck using Java 6.x. AFAIK the vendor hasn’t done anything to update their devices, if they even can be upgraded. For whatever reason IT has decided that everyone has to use the same locked whitelist, so whitelisting these devices is next to impossible.
Not the first time this sort of thing happened, and I’m certain not the last.
Yep, it’s shocking how companies as large as Cisco continue to leverage flash/java for their systems. Even VMware (world’s number one virtualization platform) uses flash and has actually deprecated features from the full (albeit windows only) client.
I haven’t had Flash installed in 3 or 4 years. I’ve never installed Java on my Macs!
That may be fine for those of you who do not have a home page that uses Flash to ignore it entirely but, as I implied, I prefer BBC News as my home page because i live in the UK. I don’t want to change news providers but am being forced to so do by an organisation which ought to have had this issue sorted years ago..
Cognomen, the work around for BBC sites is to kid them that you’re using an iPad. Enable the Safari’s Debug menu (last checkbox on the Advanced preference tab), then use it to set the User Agent to “Safari – iOS 9.4 — iPad”.
Many thanks to you and to Briar Kit Esme for the instructions on how to get a Flash free Mac – it definitely works!
I think my question still remains as to why the BBC still refuse to do anything about it, now made worse by the ease with which you both have given me a simple work around!
Again, your help is much appreciated.
“I think my question still remains as to why the BBC still refuse to do anything about it…”
Because it’s easier to do nothing. It takes effort and money to do something. And besides, the unwashed masses could not care less about this.
That is the big question. I hit then BBC several times per day and yes it is annoying that they have Flash. Even more annoying because the Debug Menu trick works, so they HAVE everything available in non Flash. They have converted the site already. It’s not like they have to do much if any work to complete the switch. Just push the same content they use on their mobile site to the regular one. Indeed, it would reduce their total workload because they wouldn’t have to support Flash and non Flash content. Why they don’t is really unfathomable to me.
Kill that horse already!!
“With an increasing number of people opting to zap Flash from their systems altogether, I think I’m going to try the experiment myself.”
Ben, it won’t be you conducting an experiment, ‘The Internet works just fine’ without it. Adobe is experimenting though, after they acquired FutureSplash they totally crippled it. But that’s over a decade ago, and Flash never became a proper tool. Useful, but not properly designed, hence all the security issues it has seen in its lifetime.
Remember all the snark from the Fandroids about viewing the ‘real’ Internet? Remember their reaction to Steve Jobs’ open letter about Flash?
Guys, just to let you all know if you are using Google Chrome for Windows or Mac based systems, you will need to update the program as Google Chrome uses integrated flash player, chrome should automatically update but it would be good to check this and make sure Chrome has updated.
To do this –
1. Launch Google Chrome
2. Click the 3 bars in the top left and select ‘Settings’
3. On the left navigation pane select ‘About’
4. Google Chrome should automatically check for an update and should prompt the user to update.
5. After the update Chrome will prompt the user to relaunch
6. Relaunch Chrome!
3 Bars in the top right I mean!!! :)
When, oh when, will we be free from this plague (Adobe Flash)?
You wanna see something really funny?
https://www.24hourfitness.com/MSO.do
THEIR ENTIRE ACCOUNT SECTION, including even logging in, is inside a flash applet. First of all, of all things, WHY did they even build it that way 10-15 years ago? I could understand a flash game many years ago or hell, even now — but a flash…account management section? LOL.
Let’s all shame them (and all like them) into fixing their site to use this little thing called HTML.
Well you shouldn’t have bought Macromedia then, should you. Aholes.
Don’t use Flash. Read the open letters Steve Jobs wrote “Thoughts on Flash”. It’s on Apple site, just google it.
When I recently erased and reinstalled my Mac mini, I did not put Flash back on it. I went a week without needing it, so I removed it from my MacBook Pro. I have not had to reinstall it. Flash is crap. I remember how Steve Jobs was criticized for his stance on Flash. He was right.
I have Chrome which updates itself and Adobe Flash PPAPI listed in Uninstall Programs.
Chrome has Version 21.0.0.216 and Uninstall lists Version 21.0.0.213.
I cannot update the PPAPI program or uninstall it as Chrome is never closed enough!
http://petesqbsite.com/phpBB3/viewtopic.php?f=4&t=4095&p=24050#p24050