Time to trash Flash? If you’re not ready for that, you must update Adobe Flash now

Adobe patches zero-day vulnerability being actively exploited in the wild.

Trash flash
As I discussed in an article on ESET’s We Live Security blog, a critical security hole has been found in Adobe Flash, leaving Windows, Mac, Linux and Chrome OS users at risk from in-the-wild attacks.

The good news is that Adobe issued a patch earlier today which addresses the zero-day vulnerability and other flaws in its Flash product.

To learn more about the patch, check out this article on ThreatPost.

As I see it, Adobe Flash users have three main choices:

Sign up to our free newsletter.
Security news, advice, and tips.

1. Update Adobe Flash as soon as possible – read our instructions on how to update Adobe Flash.

2. Update Adobe Flash as soon as possible *and* stop allowing Flash objects to render automatically in your browser to reduce your attack surface. You should read our instructions about how to enable “Click to Play”.

3. Throw Adobe Flash on the garbage heap once and for all. You should read our instructions on how to uninstall Adobe Flash.

There are some other options (for instance, not having the Flash plugin installed on your main browser, but having a secondary browser on standby for those occasions when you have to visit websites which insist you have Flash enabled), but the three choices above are probably the main ones.

Which will you choose?

Good luck.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "The AI Fix" and "Smashing Security" podcasts. Follow him on Bluesky and Mastodon, or drop him an email.

12 comments on “Time to trash Flash? If you’re not ready for that, you must update Adobe Flash now”

  1. Techno

    The BBC News website still requires it.

    1. Spryte · in reply to Techno

      So do many other news sites, CBC for instance.
      No problem as most of the videos are on YouTube which no longer requires Flash.

      As I've mentioned before I have lived quite happily without Flash for a couple of years now. It is no big deal just some videos are unavailable.

      I have yet to run into a problem where an entire page won't load due to not having Flash.

    2. Ants · in reply to Techno

      A workaround for Chrome: Shift+Ctrl+I to get the developer tools, then Shift+Ctrl+M to change the device mode – select iPad and reload the page. The video will play…

  2. Buzzed

    Time to vote with my feet. Goodbye flash, it was fun. I will miss you.

  3. Karl

    Trash that Flash!

    I have been surprised how it's no longer required for my day-to-day surfing. If a site requires flash then I do not use it.

    Freedom

    1. Simon · in reply to Karl
  4. Saundrine

    Pay attention when you do update though. Adobe automatically selects the boxes for the following "optional offers":

    * Yes, install the free McAfee Security Scan Plus utility to check the status of my PC security. It will not modify existing antivirus program or PC settings.

    * Yes, install True Key™ by Intel Security to say goodbye to the hassle of passwords.

    I hate it when they automatically opt you in. If I want it, I'll click it for cryin' out loud.

  5. Nick

    How do you update Flash if you have Windows 10? Adobe won't supply an update for IE if you have Win10, and Microsoft update is not currently providing an update for IE.

    Alternatively, how do you remove Flash from IE without removing it from Firefox?

    1. seglertx · in reply to Nick

      The Internet Explorer and Edge browsers in Windows 10 already have Adobe Flash installed and are automatically updated just like Google's Chrome browser.

  6. Dansk Tex

    Surfing the web has become like answering telephone calls. With calls, I just quit answering any call that is not from someone I know (which is likely to be someone I don't want to know); anyone important will leave a message. With the web, when I open a webpage that has a Flash video, I just ignore the video like a do an unknown caller. (I put in the Flash blocker a couple of years ago so that I can see the page without the videos automatically playing.)

  7. Mike

    You can't uninstall Flash if you use iTunes :(

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.