It wasn’t so long ago that Adobe Flash was the latest cutting edge technology for spicing up your website or creating online games. Now, Adobe Flash security issues are what people associate with the once popular platform. With Flash being replaced by newer and more secure technology, it’s a good time to look back on some of the security debacles.
A History of Security Issues
Adobe Flash security issues weren’t always the norm. In fact, there was only a single code execution vulnerability back in 2005. By 2010, the number had shot up to 60. While this might not sound so high, this represents 60 vulnerabilities that could affect end users.
For several years, Flash continued to have around 60 different vulnerabilities every year. However, in 2015, Adobe had its worst year for Flash and consequently, this was around the time many users gave up on Flash entirely. With 329 vulnerabilities, Adobe finally had to admit that Flash might be hackers’ favorite toy.
It shouldn’t be surprising that Flash only had 71 vulnerabilities in 2017. After all, many users had already abandoned ship, making it less attractive to cybercriminals.
Just a quick glance at the list of official security bulletins issued by Adobe for Flash Player shows how dangerous Flash can be for users. In 2018 alone, six sets of security updates have been released to address various issues.
Now, it’s important to note that not every security issue isn’t an immediate threat. However, zero-day bugs weren’t uncommon, which meant that if users didn’t immediately update, they were vulnerable to malicious attacks meant to steal and corrupt data. In some cases, Adobe’s security patches didn’t fix problems, which led to additional emergency patches, such as one zero-day flaw back in January 2015.
Krebs On Security has chronicled the history of Adobe Flash security issues since 2010 and showcases how varied issues have been over the last eight years.
Related Read: Ransomeware Attackes That Rocked 2017
Adobe Says Goodbye to Flash
Chrome released statistics on Adobe Flash usage in that specific browser. In 2014, 80% of users loaded at least one Flash page daily, but that number has dropped drastically to less than 8% in 2018.
As mentioned earlier, 2015 was a bad year for Flash. With hundreds of vulnerabilities, users and developers started to find alternatives, even if this meant abandoning their favorite games or sites. Sadly, 2016 wasn’t much better, which only continued to hurt Flash’s reputation. This explains the drastic drop between 2014 and 2018.
While experts have advised users to avoid Flash at all costs, some sites and users still love it. However, you only have a few more years to use it. With new web standards being released, the future of interactive content is changing and Adobe has officially announced that all support and new releases of Flash will stop at the end of 2020.
Since so many platforms still rely on flash, Adobe’s giving everyone time to migrate their products and content to newer, more secure options. In the meantime, Adobe still plans to address all Adobe Flash security issues as quickly as possible.
Part of Adobe’s decision to let Flash go comes as some Internet giants announce their own plans to phase out Flash in their own products. Microsoft, Google, Facebook, Mozilla, and Apple are all working to eliminate Flash to ensure their products are more secure for users. Timelines vary, but some browsers, such as Safari and Edge, will turn off Flash support by default in 2018.
Holding on to Adobe Flash
According to Adobe, Flash is still everywhere. Over three million developers use Flash technology to build interactive content online. At one point, 24 out of 25 of the top Facebook games were built upon Flash. Even app stores were filled with Flash content, with over 20,000 Flash-based apps living on Google Play Store and Apple App Store.
While some of Adobe’s stats are still based in 2015, W3Techs reports only 4.9% of all websites currently use Flash. However, some major sites, such as Slate, have just recently implemented Flash on their site. Despite all the Adobe Flash security issues, websites and users still enjoy the interactive content built upon Flash.
Some of the most common reasons people are still holding on include:
- No alternative to a favorite game
- Their favorite websites use Flash
- They don’t know how to turn it off in their browser
- Some sites require it
- Developers haven’t transitioned away from Flash
As sites and developers start to adopt alternatives to Flash, the overall usage will continue to decline. Plus, as browsers start to block Flash content by default, users won’t even need to change their browser settings to stay safer.
Plus, some users have interacted with Flash-based content for over a decade. Much like users who are still using Windows XP, it’s a personal preference. It’s what they’re used to and they don’t want to change.
Updates Can’t Be Ignored
Despite sites, brands, and Adobe taking steps to phase out Flash, you still have Adobe Flash security issues to contend with as long as you’re interacting with Flash content. According to Adobe, it takes up to six weeks for most users to install updates.
Six weeks is an eternity when your computer is vulnerable. Think of it as leaving your car running in a parking lot for a day and just hoping no one takes advantage. For some vulnerabilities, it really is that serious.
If you’re still using Flash, don’t ignore security updates. Adobe is continuing to release security updates until sometime in late 2020. Install all updates immediately upon release. It’s the only way to help protect you as you interact with Flash content online and on your mobile devices.
While you’re busy keeping Flash up to date, start looking around to alternatives to your favorite sites, apps, and games. You should start to see updates released that eliminate Flash entirely. However, some content hasn’t been updated since it was first created. This means those old Flash games you played in 2006 likely aren’t going to be re-released.
Keep yourself safe by staying vigilant with updates. Do the same with your operating system and anti-virus for a more secure online experience.
Related Read: Online Security Checklist
Contribution by Crystal Crowder
About the Author
Crystal lives and breathes tech. She’s spent over a decade writing tutorials, reviews, and more on tech, business, and lifestyle sites. Her idea of fun is settling down with the latest tech and gadget news.