“Ugh, another Flash exploit?!” Susie Ochs question-exclaims for Macworld.
“BGR reported Thursday that Adobe has confirmed ‘a major security vulnerability that affects all versions of Flash for Windows, Mac, and Linux,'” Ochs reports. “Adobe says this vulnerability is being used by hackers, although for very targeted attacks — phishing, in other words. ‘Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system,’ Adobe says in its security bulletin.”
“We all like to think we’re smart enough to avoid phishing scams — and I’m sure you are! And we’d like to think Adobe will get this patched soon—the company says it hopes to do that next week,” Ochs reports. “But if you really want to be safe from this flaw, and the next, and the next, and the next, there’s one foolproof step you can take: Uninstall Flash.”
How to uninstall Abode’s Flash from your Mac here.
MacDailyNews Take: Only good things can come from this.
We also know first hand that Flash is the number one reason Macs crash. We have been working with Adobe to fix these problems, but they have persisted for several years now. — Steve Jobs, April 29, 2010
SEE ALSO:
Adobe confirms major Flash vulnerability, and the only way to protect yourself is to uninstall Flash – October 15, 2015
Adobe’s bloated, insecure Flash must die – July 15, 2015
Steve Jobs posts rare open letter: Thoughts on Flash – April 29, 2010
Excised!
Clean InstaaaaaaaaaåaLLLL ?!?!
always clean instaaaaal (o f* it!
When is the funeral?
No matter how many nails go into the coffin, it keeps oozing out.
Nuke it from orbit. It’s the only way to be sure.
I’d like to know where that movie quote came from.
Aliens, I believe. If I’m not mistaken, it was Bill Paxton’s character, pvt Hudson.
I believe Ripley was the first one to say it. 🙂
I have it installed but disabled. No security risk and I still have it if the need was to come up.
Flash? What’s that?
Gone!
I was tired of this crap.
It’s time that we moved on. Use HTML5. It works great.
Sadly, there is functionality in Flash that isn’t reproducible in HTML5. I expect there’s a way to reproduce it in all tandem with JavaScript (IOW: ECMAScript), which ideally is where we should be going.
Adobe posted an update of this software this morning. Flash Version 19.0.0.226.
Adobe reports this security vulnerability in Flash Player 19.0.0.207 and earlier versions for Windows and Macintosh
Got rid of that huge POS a long time ago.
On my machine, YouTube videos will not play after uninstalling Flash unless AdBlock is disabled.
If you mean the real, original AdBlock, you can White List YouTube. But I’ve personally never run into this problem.
Wait… don’t phishing attacks require the attacked party to OK the (unknown) attack by giving permission to do something?
Wouldn’t that mean that this isn’t just some particular vulnerability in the coding of Flash that works without your permission?
HAPPY NEWS (???)
Adobe has pushed out Flash version 19.0.0.226 today, which patches the current zero-day exploit going on in-the-wild. You can read the Adobe Security Bulletin about it here:
https://helpx.adobe.com/security/products/flash-player/apsb15-27.html
Whether you want to actually reinstall this POS is another matter.
Halloween ScARiNeSS!
Researching a blog article I just posted posted about the Flash mess, I just dug up an article from ZDNet, dated 2009-08, pointing out that:
Research: 80% of Web users running unpatched versions of Flash/Acrobat
👻 👻 👻
Unfortunately the web is still populated by elements which rely on flash. There is a middle ground – I use an extension which blocks flash unless I click to allow it for a specific element.
Haven’t had Flash on my home Mac for years now. However, we do still keep it alive and updated (what a chore!) at work, because, alas, a lot of people still use it, or use web sites that still do.