For anyone out there still using Adobe’s Flash Player, the company has just announced a significant security update. According to an Adobe security bulletin, the patch addresses “critical vulnerabilities that could potentially allow an attacker to take control of the affected system.”
In total, the company found 23 security loopholes, as well as reports of exploits in CVE-2016-1010 in “limited, targeted attacks.” Other security holes include use-after-free, heap overflow and memory corruption vulnerabilities that could lead to code execution, the company said. The vulnerabilities impact Linux, Mac OS X and Windows platforms.
(Related: Adobe moves away from the Flash brand)
Adobe recommended users update their installations to the latest version.
Adobe Flash has become largely unpopular with the rise of HTML5 and other architectural advances that no longer require a plug-in for media. Most recently, Google ditched Adobe Flash for advertising, Mozilla blocked Flash in Firefox, Facebook and YouTube dropped Flash video support in favor of HTML5, and Amazon dropped Flash on Amazon.com, its advertising platform and other Interactive Advertising Bureau standards.
The company revealed in late 2014/early 2015 there were more than 500 million devices using Flash technology, with an expected 1 billion by the end of 2015, but it hasn’t updated its statistics since then. At the end of 2015, Adobe did announce it was moving away from the Flash brand and toward Adobe Animate CC to reflect changing times.
More information is available here.