Latest Tech News world
A powerful NMS for monitoring your network, physical & virtual (VMware/ HyperV) servers & other IT devices. Deploy and start monitoring in less than an hour. Trusted by over a million admins world-wide. .
Three new vulnerabilities in Adobe Flash Player have been reported over the past two weeks, triggering a storm of protest and leading Mozilla and Google to ban the plug-in from their Firefox and Chrome browsers, respectively.
"It is time for Adobe to announce the end-of-life date for Flash and to ask the browsers to set killbits on the same day, " Facebook Chief Security Officer Alex Stamos tweeted Sunday.
Flash "currently poses a huge risk to security - these latest events are a perfect example of that, " said Kasper Lindgaard, director of research and security at .
The majority of zero-day vulnerabilities reported this year have targeted Adobe Flash, "so, by having Flash installed and enabled, companies will be exposed to much higher risks, " he told TechNewsWorld.
Adobe is attempting to quell anxieties over the issues.
"The vulnerabilities in Flash Player have already been addressed, " said Adobe spokesperson Wiebke Lips of the three latest flaws.
Adobe released updates Tuesday morning, she told TechNewsWorld.
Blame It on the Hacking Team
The latest Flash Player exploits are the result of the recent breach of the Hacking Team, an Italian firm that unapologetically creates software nasties, including malware, for the United States National Security Agency, the U.S. Drug Enforcement Administration, and various repressive regimes around the world.
That could point to further trouble, because "if Hacking Team had these exploits and was keeping them unpublished, then it's likely other hacking organizations did as well, " Director of Product Management Tim Erlin told TechNewsWorld.
Git Along, Little Plug-in
Flash is proprietary, dated, unreliable, insecure, can't handle touchscreens, guzzles battery juice, and is not suitable for the mobile era, Jobs wrote.
"I and many other Web users hate Flash sites, " wrote "myanr" in a comment on Jobs' accusations. "There's nothing that we need Flash for and very interactive apps can be built without it."
However, "tens of thousands of developers are now making real business applications in Adobe Flex that happen to run in the Flash player, " commented "alangrus" in response to Jobs' letter. "This is the most advanced and richly featured development out there."
"The days of Flash are numbered, " said Ken Westin, a senior security analyst at Tripwire.
Is Adobe the Real Culprit?
The security issues that have plagued Flash over the years have helped accelerate its end of life, contended Westin.
However, users may be to blame if their systems are taken down by a Flash vulnerability, because the majority of them don't update their systems in a timely fashion.
Adobe software has the dubious distinction of being listed in three places in Secunia's top 10 end-of-life programs.
Flash Player 16.x is No. 1, with 78 percent of the market; Adobe Air 3.x is No. 7 with 15 percent of the market; and Adobe Air 2.x is No. 10, with 13 percent of the market.
End-of-Life programs no longer are maintained and supported by the vendor, and they don't receive security updates.
You might also like
Tech News Today
Mobile Application (Easy Smart Touch)