Being flashed by a speed camera on the motorway is a nuisance but it’s usually your fault: you were speeding. Looks like using “Flash” on your computer nowadays is a similar blunder: this year, the Adobe Flash Player made it to number 1 in the charts of ways in which your PC or laptop could be compromised!
Just recently, another vulnerability for Flash was reported, affecting all operating systems: Windows, Mac, Linux and Chrome OS. One vulnerability to rule them all. This is also the main reason why Flash topped the charts at number 1! The first exploits abusing this vulnerability have been already reported and it is now up to all of us to fix our operating systems ASAP. As usual, owners of CERN centrally managed Windows PCs don’t need to worry. Their PCs will have this fix automagically deployed.
But more generally, why do we still stick with Flash? Its time has passed and it is being superseded by the more fancy and modern HTML5. The IT department is therefore actively eliminating any requirement for it in central services and considering dropping the installation of Flash from all of its centrally managed PCs. And since they are already at it, Adobe’s Acrobat Reader, which is also a prominent member of the top-10 vulnerabilities, might be phased out too. Of course, there will be suitable alternatives offered for both. So, why would you still need Flash for professional purposes? Send us your opinion!
For further information, questions or help, check our website or contact us at Computer.Security@cern.ch.
Do you want to learn more about computer security incidents and issues at CERN? Follow our Monthly Report.
Access the entire collection of Computer Security articles here.