Using Adobe Flash? You should patch it pronto

Graham Cluley

FlashIf you still have Adobe Flash installed on your computer, you should patch it pronto – regardless of whether you are running Windows, OS X or Linux.

Yesterday, Adobe released a Godzilla-sized patch that fixes a sea of over 30 different security vulnerabilities in Flash and Adobe AIR.

“Adobe has released security updates for Adobe Flash Player. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.”

Sign up to our newsletter
Security news, advice, and tips.

Adobe’s recommendation is that Windows and Mac users of Flash update to Adobe Flash Player, while Linux users should update to version

(Dontcha just love Adobe’s version number system, by the way?)

If left unpatched, it’s possible that malicious hackers could exploit the vulnerabilities to infect your computer with malware. The good news is, so far at least, Adobe hasn’t seen any evidence of the vulnerabilities being exploited in the wild.

But don’t let that fool you into thinking that patching isn’t still a high priority.

The most recent version of Flash is always available from the Flash download page.

If you are not sure which version of Adobe Flash you are running on your computer, visit this Adobe webpage which will tell you.

Versions of Adobe Flash Player installed with Google Chrome, Microsoft Edge for Windows 10, and Internet Explorer 10 and 11 for Windows 8.0 and 8.1, should be automatically updated.

But I would also recommend going further than just updating Adobe Flash.

Consider enabling Click-to-Play in your browser, one of the best ways to protect yourself against criminals exploiting vulnerabilities in Adobe’s software.

But, be warned, disabling or nobbling Flash in just your browser may not be enough to protect your computer from infection – as it’s perfectly possible for Flash vulnerabilities to be delivered to your PC by routes other than the web.

Meanwhile, Adobe recommends that users of its AIR desktop runtime, AIR SDK and AIR SDK & Compiler update to version by visiting the AIR download center or the AIR developer center.

Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.

Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

7 comments on “Using Adobe Flash? You should patch it pronto”

  1. If one decides to follow the advice and go beyond Click-to-Play and remove Flash completely, how can one play the video content etc that was previously played through Flash ?
    Is there another player that can take its place ?
    HTML 5 or Quicktime perhaps ?

    1. That rather depends on where the videos you are interested in watching are hosted, and if they offer you the ability to view without needing Flash.

      The top video site is YouTube, of course, and that offers HTML5 playback:

  2. If you are using Flash, you should uninstall it pronto. Yes, there are a few sites that still require Flash, but more these days are using HTML5. I've not missed Flash at all. Youtube works great without it.

  3. I removed Adobe Flash from my Windows boxes about two years ago and haven't missed it.
    Most video sites support HTML 5 now and some that don't allow downloading of the file so there is no big issue except for Facebook and most of those are on YouTube anyway.
    I do have Flash on my PCLinuxOS box and am on my way to update.

  4. Having Chrome means I don't have to worry as much about Flash being updated, however, I still have Click-to-Play enabled. I would disable Flash completely, but some of the sites I visit still use it.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.