Adobe Flash hit with new ‘critical’ zero-day attack; iOS users unaffected

“Adobe has published another security advisory after the discovery of a ‘critical vulnerability’ in Adobe Flash Player 10.2.152.33 and earlier versions across all major platforms including Windows, Macintosh, Linux, Solaris and Android mobile devices,” Electronista reports.

“According to Adobe, the Zero-Day exploit is being deployed in the wild in ‘targeted attacks’ through a Flash (.swf) file embedded in a Microsoft Excel file delivered as an email attachment,” Electronista reports. “Adobe reports that it is ‘finalizing a fix for the issue,’ but does not expect to have the hole patched until the ‘week of March 21.'”

Electronista reports, “Adobe explains that the exploit can cause a system crash followed by the attacker taking control of compromised systems remotely. In the meantime, users should exercise extreme caution when receiving emails with any type of Flash file embedded within it.”

Read more in the full article here.

MacDailyNews Take: What is this antiquated, walking dead, insecure, Mossberg-fetishized “Adobe Flash” of which Electronista speaks?

(Mac users, use care with any emails containing embedded Adobe Flash files.)

MacDailyNews Note: Note to advertisers: Your Flash-based ads are no longer reaching the most well-heeled customers online: iPhone, iPad, and iPod touch users. If you care about reaching people with discretionary income, you might want to consider dumping your flash-based ads and moving to a more open format that people with money and the will to spend it can actually see.

35 Comments

  1. iOS unaffected, what about OS X?

    That’s why I do not have Flash installed at all on one Mac and use ClickToFlash on the other.

    But there are many Mac users (Windows refugees) who won’t know better and assume you just have to have Flash.

    1. And many employers block flash because it is a ridiculous bandwidth hog. Advertisers need to understand the ever-decreasing iBall share Flash brings.

      Time to move on to greener pastures.

        1. Your client blocks Flash because they do not want their employees playing during the day. It has nothing to do with bandwidth. If you believe it’s bandwidth, your client needs to get a different consultant.

          1. Animated/interactive Flash ads are typically larger than regular banner ads so, yeah, bandwidth hog.

            If you don’t think it’s true then you need to learn what bytes are.

            1. I thought you were my boyfriend? While I was getting tired of you, at least I was loyal. Face it, you aren’t the best looking person on the planet and your personality is pretty void of anything interesting. I mean…who doesn’t want a little animation in their life?

          2. Either you are trolling or you really have no idea of how Flash works.

            Go enjoy those dancing girl ads promising you a lower mortgage rate. Helluva reason not to buy an iPad.

  2. Ever since I switched to the iPad, I really miss my Flash. But sometimes, enough is enough. I was tired of all the shennanigans and all the running around was just killing my battery life. I wonder what Green Hornet is doing?

  3. ClickToFlash…it’s a beautiful thing. I like the gradient gray boxes instead of the garish, flashing ads for penis enlargement. I get to choose whether I want to run a Flash file on my Mac. And exploits can’t run without my permission.

  4. Not meaning to start a street brawl here, but is it poor ActionScript programming in Flash that makes it such a resource hog, or is it simply inherent to the platform. I use Click to Flash, but when I do load a Flash enabled site, I don’t always see resources being zapped. I use iStat Pro to watch CPU consumption.

    1. Your correct logic is lost on this crowd. The same can be said for Browser crashes. When I get them, it is never due to Flash. It is always due to poor programming in javascript attempting to download a file or handling a login. But, logic on this forum is lost.

      1. If poor actionscript programming is what makes Flash a resource hog, then holy shit, every single actionscript programmer ever must really, really suck.

        Or, wait, maybe Flash itself is badly programmed. That’s a bit more likely. That’d also explain all the crashing. And also why Adobe still can’t create mobile a version of Flash that works correctly after several years of trying. Their employees really, really suck at programming.

        Oh yeah, and when you say Flash never crashes your browser, that’s when people know you’re lying. Maybe you should quit saying that, you know, for your own sake?

        1. I’m not sure what you guys are arguing about. This is just a Flash bash without any facts. When someone says Flash is a memory or bandwidth hog…compared to what? Quicktime? RealPlayer? What? Certainly, Flash uses more bandwidth than a static image or non-animated option. If you want animation without bandwidth use, what is the option? Seriously. I gather most of this group does not want animation or they want control over the animation. Not wanting animation is certainly in the very small minority of internet users. Also, given the choice, I would bet the vast majority of iOS users would opt for Flash until something else more attractive came out. Right now, it is Flash or nothing. This group opts for nothing. No argument from me. But, I prefer the animation and would like my iPhone much more if it had it. I would have bought an iPad last Friday if it had it.

          1. Where are your facts? You are spouting opinions left and right.

            “Not wanting animation is certainly in the very small minority of internet users.” – doubt it

            “Also, given the choice, I would bet the vast majority of iOS users would opt for Flash until something else more attractive came out.” – I’ll take that bet.

      2. Logic is not lost on most of us. But your extremely poor attempts to annoy everyone are pathetic. You will have to search very hard to find a Flash supporter in these parts. Troll on to another forum where your inputs might be appreciated. Perhaps the Rug Rats or the Barney Fan Club…

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.