As I discussed in an article on ESET’s We Live Security blog, a critical security hole has been found in Adobe Flash, leaving Windows, Mac, Linux and Chrome OS users at risk from in-the-wild attacks.
The good news is that Adobe issued a patch earlier today which addresses the zero-day vulnerability and other flaws in its Flash product.
To learn more about the patch, check out this article on ThreatPost.
As I see it, Adobe Flash users have three main choices:
1. Update Adobe Flash as soon as possible – read our instructions on how to update Adobe Flash.
2. Update Adobe Flash as soon as possible *and* stop allowing Flash objects to render automatically in your browser to reduce your attack surface. You should read our instructions about how to enable “Click to Play”.
3. Throw Adobe Flash on the garbage heap once and for all. You should read our instructions on how to uninstall Adobe Flash.
There are some other options (for instance, not having the Flash plugin installed on your main browser, but having a secondary browser on standby for those occasions when you have to visit websites which insist you have Flash enabled), but the three choices above are probably the main ones.
Which will you choose?
Good luck.
The BBC News website still requires it.
So do many other news sites, CBC for instance.
No problem as most of the videos are on YouTube which no longer requires Flash.
As I've mentioned before I have lived quite happily without Flash for a couple of years now. It is no big deal just some videos are unavailable.
I have yet to run into a problem where an entire page won't load due to not having Flash.
A workaround for Chrome: Shift+Ctrl+I to get the developer tools, then Shift+Ctrl+M to change the device mode – select iPad and reload the page. The video will play…
Time to vote with my feet. Goodbye flash, it was fun. I will miss you.
Trash that Flash!
I have been surprised how it's no longer required for my day-to-day surfing. If a site requires flash then I do not use it.
Freedom
Agreed.
Again!
Pay attention when you do update though. Adobe automatically selects the boxes for the following "optional offers":
* Yes, install the free McAfee Security Scan Plus utility to check the status of my PC security. It will not modify existing antivirus program or PC settings.
* Yes, install True Key™ by Intel Security to say goodbye to the hassle of passwords.
I hate it when they automatically opt you in. If I want it, I'll click it for cryin' out loud.
How do you update Flash if you have Windows 10? Adobe won't supply an update for IE if you have Win10, and Microsoft update is not currently providing an update for IE.
Alternatively, how do you remove Flash from IE without removing it from Firefox?
The Internet Explorer and Edge browsers in Windows 10 already have Adobe Flash installed and are automatically updated just like Google's Chrome browser.
Surfing the web has become like answering telephone calls. With calls, I just quit answering any call that is not from someone I know (which is likely to be someone I don't want to know); anyone important will leave a message. With the web, when I open a webpage that has a Flash video, I just ignore the video like a do an unknown caller. (I put in the Flash blocker a couple of years ago so that I can see the page without the videos automatically playing.)
You can't uninstall Flash if you use iTunes :(