Adobe Flash Will Be Put to Rest with a Laundry List of Security Issues

August 02, 2017

Flash Player will be Removed from the Internet by 2020

(August 2, 2017) -- Adobe announced that it will stop distributing Flash Player, an extension that runs in the background of internet browsers to enable video content. It will be phased out completely by 2020 adhering to a trend starting around 2010 when Apple outlawed Flash from iOS. In 2012, Android followed suit. Google has even stopped allowing Flash video ads from automatically playing.


Flash’s Rap Sheet

Flash Player has long been a favored channel of hackers disseminating malware and viruses. “Zero-day” exploits (security holes software still undetected by its distributor) delivered through large malicious advertising campaigns have been on the rise for some time. CNN Tech and other internet security source detail a few of the major security breaches over the past decade:


  • 2011: Yet another bug gave hackers remote access to people's computers -- this time in Flash Player.

  • 2012: Hackers gained access to Adobe's security verification system by tapping into its internal servers.

  • 2015: Virus writers use a security flaw in Flash to encrypts users’ data and demands payment to unlock it.

  • 2016: APT Group “StarCruft” targets high profile victims by leveraging watering holes in Flash.


Flash’s security vulnerabilities stem from its closed standards, as opposed to an open one like HTML5 that plugins are now utilizing. Adobe has been developing patches to fix vulnerabilities in software updates, but has not been able to keep up with the amount of constantly surfacing risks.


How to Protect Yourself Online

The security community encourages businesses and individuals to remove Adobe Flash from their computers. Websites using Flash should be avoided altogether if possible. Youtube, for instance, no longer runs Flash and has instead opted for HTML5 to play its content.


If you must stream video content on a site that only runs with Flash, make sure you have the latest version, since security risks are mitigated with each update. Additionally, run Flash on Google Chrome of Firefox, which verify its safety before running, and allow activation by click only. Internet Explorer lacks these features, making it more susceptible to Flash hacker infiltrations and a more dangerous browser to use.


Tell BBB!

Please report any sort of Adobe Flash virus or other cyber threat to BBB’s Scam Tracker so that we can continue to arm you with information on hazardous trends, and more importantly, how to prevent them.