Skip to main content

Flash patched again, fixes 'critical vulnerabilities'

There's nothing quite like kicking a dead corpse, and that's basically what Adobe is doing with its once powerful product Flash.

Yesterday, the company issued a security update for Flash, one which, according to the company, addresses "critical vulnerabilities that could potentially allow an attacker to take control of the affected system”.

“Adobe is aware of a report that an exploit for CVE-2015-8651 is being used in limited, targeted attacks,” the company said in the patch’s description. “Adobe recommends users update their product installations to the latest version using the instructions referenced in the security bulletin.”

This has been a horrible year for Flash – used countless times by hackers to take control of a victim’s computer, the developers have tried to patch vulnerability after vulnerability, but to no avail.

The Verge says 316 Flash bugs have been discovered this year – meaning Sunday was the only day of the week which was free of new Flash vulnerabilities.

The vulnerabilities – most of them quite dangerous – have prompted big tech companies and services to switch to alternatives.

In January, YouTube dropped the bug-ridden software in favour of HTML5 to handle its video, and in July, Facebook's chief security officer asked for an "end-of-life date for Flash.' That same month, Mozilla partially blocked the once-ubiquitous plugin in its Firefox browser.

But perhaps the worst hit Flash could get happened in December, when Flash developer Adobe started distancing itself from its creation, saying that it will now "encourage content creators to build with new web standards."

Sead is a freelance journalist with more than 15 years of experience in writing various types of content, from blogs, whitepapers, and reviews to ebooks, and many more, across sites including Al Jazeera Balkans, TechRadar Pro, IT Pro Portal, and CryptoNews.