Kudos to Adobe. They patched Flash quicker than they promised

Graham Cluley
Graham Cluley
@[email protected]

Flash patchLast week I warned about a zero-day vulnerability in Flash that was being actively exploited in targeted malware attacks.

It was the latest in a long line of security holes in Adobe Flash, which was on this occasion put to malicious purpose by the Pawn Storm hacking gang, who historically have targeted government, military and media organisations in the United States, Ukraine, and across Europe.

In a security advisory, Adobe initially said that it hoped to issue a fix for the vulnerability this week (in other words, the week beginning Monday 19th October).

However, it actually managed to push out the patch ahead of schedule on Friday 16th October instead.

Sign up to our free newsletter.
Security news, advice, and tips.

I’m no fan of Adobe Flash, and have long urged users to remove it from their computers or at the very least limit its ability to assist hackers in spreading malware.

But we should give credit where it’s due. Although it would have been great if Flash hadn’t had the vulnerability in the first place, Adobe was able to deliver a security patch days ahead of what it had previously promised.

And in an internet-connected world, minutes, hours and days can make a big difference.

So, and I’ll take a deep breath here, well done Adobe.

Will it be long before Flash is exploited again? I shouldn’t think so.

Should you remove Adobe Flash from your computers? In many cases that would seem sensible to me.

Should you remove Adobe Shockwave from your PCs? Undoubtedly. Adobe has long shipped versions of Shockwave with seriously out-of-date components of Flash embedded within.

Should you at the very least minimise how much Flash can expose you to threats? Definitely. Consider enabling “Click to play”.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

One comment on “Kudos to Adobe. They patched Flash quicker than they promised”

  1. Joe

    So I got rid of it, but then there were some videos on some web sites that could not be viewed.
    So what is the alternative replacement for Flash?

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.