Time to trash Flash? If you’re not ready for that, you must update Adobe Flash now

Graham Cluley

Time to trash Flash? If you're not ready for that, you must update Adobe Flash now

Trash flash
As I discussed in an article on ESET’s We Live Security blog, a critical security hole has been found in Adobe Flash, leaving Windows, Mac, Linux and Chrome OS users at risk from in-the-wild attacks.

The good news is that Adobe issued a patch earlier today which addresses the zero-day vulnerability and other flaws in its Flash product.

To learn more about the patch, check out this article on ThreatPost.

As I see it, Adobe Flash users have three main choices:

1. Update Adobe Flash as soon as possible – read our instructions on how to update Adobe Flash.

2. Update Adobe Flash as soon as possible *and* stop allowing Flash objects to render automatically in your browser to reduce your attack surface. You should read our instructions about how to enable “Click to Play”.

3. Throw Adobe Flash on the garbage heap once and for all. You should read our instructions on how to uninstall Adobe Flash.

There are some other options (for instance, not having the Flash plugin installed on your main browser, but having a secondary browser on standby for those occasions when you have to visit websites which insist you have Flash enabled), but the three choices above are probably the main ones.

Which will you choose?

Good luck.

Graham Cluley Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

12 Replies to “Time to trash Flash? If you’re not ready for that, you must update Adobe Flash now”

    1. So do many other news sites, CBC for instance.
      No problem as most of the videos are on YouTube which no longer requires Flash.

      As I've mentioned before I have lived quite happily without Flash for a couple of years now. It is no big deal just some videos are unavailable.

      I have yet to run into a problem where an entire page won't load due to not having Flash.

    2. A workaround for Chrome: Shift+Ctrl+I to get the developer tools, then Shift+Ctrl+M to change the device mode – select iPad and reload the page. The video will play…

  1. Trash that Flash!

    I have been surprised how it's no longer required for my day-to-day surfing. If a site requires flash then I do not use it.

    Freedom

  2. Pay attention when you do update though. Adobe automatically selects the boxes for the following "optional offers":

    * Yes, install the free McAfee Security Scan Plus utility to check the status of my PC security. It will not modify existing antivirus program or PC settings.

    * Yes, install True Key™ by Intel Security to say goodbye to the hassle of passwords.

    I hate it when they automatically opt you in. If I want it, I'll click it for cryin' out loud.

  3. How do you update Flash if you have Windows 10? Adobe won't supply an update for IE if you have Win10, and Microsoft update is not currently providing an update for IE.

    Alternatively, how do you remove Flash from IE without removing it from Firefox?

    1. The Internet Explorer and Edge browsers in Windows 10 already have Adobe Flash installed and are automatically updated just like Google's Chrome browser.

  4. Surfing the web has become like answering telephone calls. With calls, I just quit answering any call that is not from someone I know (which is likely to be someone I don't want to know); anyone important will leave a message. With the web, when I open a webpage that has a Flash video, I just ignore the video like a do an unknown caller. (I put in the Flash blocker a couple of years ago so that I can see the page without the videos automatically playing.)

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Never miss a thing. Sign up for the free GCHQ newsletter from Graham Cluley.
GET EMAIL UPDATES