Yet more critical security flaws have been found in Adobe’s poor, beleaguered Flash Player. The company continues to fight gamely to keep pace, patching issues as quickly as they are found, but there doesn’t appear to be any end in sight.
The most recent bug, tracked as CVE-2016-7890, would have allowed hackers to take control of both a smartphone’s microphone and camera, enabling them to spy with impunity on users.
Also fixed in the most recent patch was a flaw that saw Flash grant permissions to HTTPS and HTTP domains at the same time, which allowed hackers to conduct man-in-the-middle attacks and gain access to sensitive financial information.
If you are still using Flash, be sure to download the latest patch immediately, or you will remain at risk.
Long term, the optimal solution is to simply move away from Flash as fast as you’re able.
The writing has been on the wall for a long time now, and as HTML 5 has continued to evolve, its functionality has begun to match, and even exceed Flash’s capabilities.
Therefore, it’s never been easier to make the switch. Given the unending parade of critical security flaws, the longer you wait, the greater your risk.
If you’re not sure what it would take to make the switch, or if your staff is stretched too thin to make it happen in a timely fashion, call us. One of our talented team members will work with you and your staff to assess your needs and help you draw up an action plan that will move your Flash-based assets to HTML 5, resulting in increased security for you and your firm, and far fewer headaches. We look forward to working with you!