Posted by: Heather Shy on May 20, 2016 at 9:40 am
Persistent vulnerabilities in Flash prompt strong action by Google Chrome.
Let’s not mince words: Flash is terrible. It has been not great for a long time. It has a ton of vulnerabilities, which means it easily acts as a carrier for malware, viruses and other nasties. Just last year, Flash had – by far – the most known vulnerabilities among eight popular internet utilities. (Internet Explorer, Firefox, Chrome, Office, Adobe Reader, Java and Microsoft Silverlight.)
If you can avoid Flash, do so.
Chrome is going to make this easier by defaulting to HTML5, if that option is available for a site. If it is not available, Chrome will let you know that the site needs Flash Player. You can then activate and use it for that site, and Chrome will save your preferred setting for that site. This all starts later this year. (Q4, per Chrome.)
What can you do in the meantime?
- You might consider uninstalling the Flash plug-in. Reinstall only if needed.
- If you must use Flash for your personal web use, make sure to keep it updated. Updates will have the latest security patches.
- Does your company web site use Flash? Sit down with your web developer to explore using HTML5 or another alternative.
- If you visit vendor web sites that use Flash, ask vendors about their plan to move away from it.
Reminder for Apple iOS mobile device users: Apple does not support Flash for iPhone, iPod, or iPad. Steve Jobs wrote about this decision in 2010.
Someday, Adobe will either really crack down on these persistent problems or will scrap support for it entirely. Chrome’s announcement is helping that day come sooner. We think it can’t come soon enough.