Another nail in Adobe Flash’s coffin – Chrome to block Flash ads from September 1st

Graham Cluley
Graham Cluley
@[email protected]

Flash gravestone

Last month, Firefox blocked all Flash content by default – as it waited for Adobe to patch a critical security hole that was being actively exploited in malicious attacks.

The news came hot on the heels of Facebook’s security chief calling for Flash to be put out of its misery permanently.

And from next Tuesday, September 1st, Google’s Chrome browser will be blocking Flash ads by default. In a notice posted on Google Plus, the company says that the change is being made to improve performance for users.

Sign up to our free newsletter.
Security news, advice, and tips.

Announcement on Google Plus

In June, we announced ( that Chrome will begin pausing many Flash ads by default to improve performance for users. This change is scheduled to start rolling out on September 1, 2015.

But let’s not kid ourselves, a major driver for this is to reduce malvertising – the rogue web adverts that can infect your computer with malware as you browse a legitimate website.

The Register explains that Chrome’s step away from Flash won’t stop all Flash content from automatically running when you visit a website, but “non-essential” content will be automatically paused.

Google says that concerned advertisers should switch their Flash ads to HTML5 pronto, explaining that “most Flash ads” uploaded to Google AdWords are already automatically converted.

Flash isn’t going to die overnight, but this is surely yet another nail in its coffin.

I, however, wouldn’t just rely upon Google’s sniffy attitude to Flash ads to be enough to protect your computer.

If you must have Adobe Flash installed (which is, itself, debatable) make sure you are always running the latest version. If you are not sure which version of Adobe Flash you are running on your computer, visit this Adobe webpage which will tell you.

Versions of Adobe Flash Player installed with Google Chrome, Microsoft Edge for Windows 10, and Internet Explorer 10 and 11 for Windows 8.0 and 8.1, should receive automatic updates. So you have less to worry about.

Click to play But it’s sensible, I believe to go further than just keeping Adobe Flash patched and updated.

Consider enabling Click-to-Play in your browser, one of the best ways to protect yourself against criminals exploiting vulnerabilities in Adobe’s software.

But, be warned, disabling or nobbling Flash in just your browser may not be enough to protect your computer from infection – as it’s perfectly possible for Flash vulnerabilities to be delivered to your PC by routes other than the web.

Found this article interesting? Follow Graham Cluley on Twitter, Mastodon, or Threads to read more of the exclusive content we post.

Graham Cluley is a veteran of the cybersecurity industry, having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

One comment on “Another nail in Adobe Flash’s coffin – Chrome to block Flash ads from September 1st”

  1. Michael

    There have been, on average, 5 bugs a week in the Flash Player in 2015. I am writing this on August 30 ,2015, which means it is likely that Flash *now* has 10 unpatched bugs.

    Stop the Flash Player madness – 5 new bugs a week

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.