Another nail in Adobe Flash’s coffin – Chrome to block Flash ads from September 1st

Graham Cluley
Graham Cluley
@[email protected]

Flash gravestone

Last month, Firefox blocked all Flash content by default – as it waited for Adobe to patch a critical security hole that was being actively exploited in malicious attacks.

The news came hot on the heels of Facebook’s security chief calling for Flash to be put out of its misery permanently.

And from next Tuesday, September 1st, Google’s Chrome browser will be blocking Flash ads by default. In a notice posted on Google Plus, the company says that the change is being made to improve performance for users.

Sign up to our free newsletter.
Security news, advice, and tips.

Announcement on Google Plus

In June, we announced ( that Chrome will begin pausing many Flash ads by default to improve performance for users. This change is scheduled to start rolling out on September 1, 2015.

But let’s not kid ourselves, a major driver for this is to reduce malvertising – the rogue web adverts that can infect your computer with malware as you browse a legitimate website.

The Register explains that Chrome’s step away from Flash won’t stop all Flash content from automatically running when you visit a website, but “non-essential” content will be automatically paused.

Google says that concerned advertisers should switch their Flash ads to HTML5 pronto, explaining that “most Flash ads” uploaded to Google AdWords are already automatically converted.

Flash isn’t going to die overnight, but this is surely yet another nail in its coffin.

I, however, wouldn’t just rely upon Google’s sniffy attitude to Flash ads to be enough to protect your computer.

If you must have Adobe Flash installed (which is, itself, debatable) make sure you are always running the latest version. If you are not sure which version of Adobe Flash you are running on your computer, visit this Adobe webpage which will tell you.

Versions of Adobe Flash Player installed with Google Chrome, Microsoft Edge for Windows 10, and Internet Explorer 10 and 11 for Windows 8.0 and 8.1, should receive automatic updates. So you have less to worry about.

Click to playBut it’s sensible, I believe to go further than just keeping Adobe Flash patched and updated.

Consider enabling Click-to-Play in your browser, one of the best ways to protect yourself against criminals exploiting vulnerabilities in Adobe’s software.

But, be warned, disabling or nobbling Flash in just your browser may not be enough to protect your computer from infection – as it’s perfectly possible for Flash vulnerabilities to be delivered to your PC by routes other than the web.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

One comment on “Another nail in Adobe Flash’s coffin – Chrome to block Flash ads from September 1st”

  1. Michael

    There have been, on average, 5 bugs a week in the Flash Player in 2015. I am writing this on August 30 ,2015, which means it is likely that Flash *now* has 10 unpatched bugs.

    Stop the Flash Player madness – 5 new bugs a week

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.