This is yet another in Adobe's many attempts to try and save its (in)famous product, that's been like a punching bag for hackers lately, exposing many of the plugin's vulnerabilities. However, the frequent patches and quick responses from Adobe don't seem to be helping the plugin much, as both Google Chrome and Mozilla Firefox have both blocked it.
Commenting on the latest attack on the barely living Flash, BUFFERZONE CEO (opens in new tab), Israel Levy, explains how is it possible that Flash still has unpatched holes, after so many interventions.
"Vulnerabilities are inherent in the many layers of technology that are used to build a modern software application. Adversaries will continue to uncover these vulnerabilities whenever the price is right", Levy told IT Pro Portal via email. "There's a "supply chain" of hackers that uncover vulnerabilities and sell them on the dark net, hackers that create exploit kits, and criminal organizations. And the only way to break is to either:
- Fix every bug in every application - which is simply not an achievable goal
- Isolating the flash session in a virtual container, so that the cost of breaking into the organization is high enough to make the return on investment for the exploit unattractive.
Levy doesn’t, however, see the light at the end of the tunnel for Flash. Asked if he can see Flash ever returning to its former glory, his answer is simple: “NO”.
Both in capital letters.