UPDATE (July 15): Adobe released an update to Flash Player Tuesday in order to fix the security vulnerabilities affecting the software. The company said it is working to push the update out to users and working with browser vendors to distribute the updated player.
“Flash Player is one of the most ubiquitous and widely distributed pieces of software in the world, and as such, is a target of malicious hackers. We are actively working to improve Flash Player security, and as we did in this case, will work to quickly address issues when they are discovered,” read a blog post about the security updates.
“We continue to partner with browser vendors to both improve Flash Player security as well as invest in, contribute to and support more modern technologies such as HTML5 and JavaScript.”
Mozilla has also lifted its block on Flash Player, which means the software will once again run automatically for users running its Firefox web browser.
An Adobe spokesperson added that the company works closely with browser vendors – such as Mozilla – on many security initiatives, including blocking vulnerable software versions and directing users to download the latest updates.
——
TORONTO – The end may be near for Adobe Flash now that a series of major security flaws found in the software have been made public.
- B.C. introduces legislation recognizing Haida Gwaii Indigenous title
- Whale experts confident B.C. orca calf will survive, find family if rescue plan succeeds
- Plastic production cap still contentious as Ottawa set to host treaty talks
- Chemical plant shuts down after high benzene levels detected near Ontario First Nation
Mozilla has blocked Flash from running on every version of its Firefox web browser; meanwhile, Facebook’s head of security is calling on Adobe to pull the plug on the software for good.
The Flash revolt comes after a series of security vulnerabilities found in the software were released online as a result of a cyber-attack on Italian surveillance firm Hacking Team.
READ MORE: Major Adobe Flash security flaw discovered in Hacking Team leak
One of the bugs – which affects Windows, OS X, and Linux, and can be used against browsers like IE, Firefox, Chrome, and Safari –would allow attackers to hijack targeted computers through a flaw in Flash Player.
While Adobe has issued a fix for that particular vulnerability, it is still working on a fix for the remaining vulnerabilities. But security experts are warning that malicious actors are already exploiting the flaws.
Flash Player is widely used on many websites for video, multimedia and interactive features.
On its support page, Mozilla said all versions of Flash will be deactivated by default until “Adobe releases an updated version to address known critical security issues.”
“Some websites use Adobe Flash to display content. However, attackers can also use the security flaws in Flash to run malicious software on your computer and gain access to your system,” reads Mozilla’s warning.
Firefox users who still want to use Flash can set their browser to “click to play,” so that Flash only runs when you click to activate it – however, Firefox will still display a warning that the software is vulnerable.
Facebook’s head of security Alex Stamos took to his Twitter account to call on Adobe to pull the plug on the software.
In a follow up tweet, Stamos said Adobe should set an end-of-life date for Flash Player – even if it’s a year from now – so the industry has time to switch to new technology.
It’s unclear if Facebook, which still uses Flash Player to operate some games and third party apps on its website, is planning to ditch the software.
Some experts already consider Flash Player to be out of date technology. Alternatives to the software – such as Microsoft Silverlight and HTML5 — are already being used by many popular websites.
How to check if you have Flash Player enabled on your browser
If you are worried about security concerns with Flash Player you can always disable the plugin on your web browser to avoid issues (if you aren’t using Firefox, that is).
Chrome
Go to chrome://plugins/ to see a list of your current plugins. Once you spot “Adobe Flash,” select “disable.”
Safari
Under the “Safari” menu, open the Preferences tab and select “Security.” Then click on “website setting options” – next to the “Internet plug-ins” option – and find “Adobe Flash Player.” If you want to stop Flash from working altogether select “block,” or select “ask” if you want to click to allow Flash to run on trusted websites.
Internet Explorer
Go into IE’s main browser setting menu and select “manage add-ons.” Then click “Shockwave Flash Object” and select “disable.”
Comments