Security News Adobe: 7 critical vulnerabilities (information disclosure or remote code execution)

[LASER_oneXM]

hi

....another horrible news from Adobe. Be sure to update this adobe software as soon as possible:
Adobe Flash Player and Adobe Shockwave Player.

a quote from the artcle above:

Adobe has released updates for Adobe Flash Player and Adobe Shockwave Player that resolves a combined 8 security vulnerabilities. Of these 8 vulnerabilities, 7 of them are rated as Critical because they could lead to information disclosure or remote code execution.

A remote code execution vulnerability is particularly worrisome as it could allow attackers to remotely execute command on an affected machine. This would allow them to execute almost any command, including the downloading and execution of malware, on the remote computer without the knowledge of the owner.

 

[Faybert]

Flash Player was already meant to be dead

 

[Winter Soldier]

Adobe Flash&Shockwave still under attack? Remove them, end of story!

 

[tina whittington]

Adobe Flash&Shockwave still under attack? Remove them, end of story!

if u remove them what do u use instead please, thanks t

 

[Winter Soldier]

if u remove them what do u use instead please, thanks t

Flash Player is full of bugs and this has made it one of the vectors used by attackers to install malware or take control of a computer with advanced attacks.
Other times it has zero-day vulnerabilities that are discovered after an attack that takes advantage of them, so that Adobe, has "zero days" of time to find a patch.

Usually it is possible to avoid Flash because many sites now are using HTML5.
But if you can't avoid using Flash, I suggest you to use Google Chrome which has already integrated Flash Player. In this way, since Chrome automatically updates Flash, you will be sure you always have the latest version available.
Plus, Chrome uses the sandbox that lets you run a plugin in a protected environment, isolated from the rest of the system allowing for more security when you use Flash.

 

[LASER_oneXM]

...yes: there are still a lot of sites that dont support HTML5 at all. In this cases you have no choice: you
have to use the risky flash player.

 

[larry goes to church]

I feel like adobe has been one of the biggest third party vendors contributors to 0-days since the being of time.