Users of the Windows 10 operating system are being warned about a critical vulnerability with Adobe Flash.
The warning came from Adobe itself when it announced it would be issuing a security update this week in order to plug the flaw.
“A critical vulnerability (CVE-2016-1019) exists in Adobe Flash Player 21.0.0.197 and earlier versions for Windows, Macintosh, Linux, and Chrome OS,” said Adobe in the security advisory. “Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system.”
Adobe urged Flash users to update immediately to the latest Flash Player (21.0.0.182) version to prevent the flaw being exploited – something which is already happening in the wild.
“Adobe is planning to provide a security update to address this vulnerability as early as April 7.”
Adobe used its security advisory to thank Kafeine (EmergingThreats/Proofpoint) and Genwei Jiang (FireEye), as well as Clement Lecigne (Google) for reporting the flaw and working with it to patch the vulnerability.
Flaws and vulnerabilities with Adobe Flash are a depressingly familiar story to many in the security industry. Last year Mozilla lost patience and blocked Adobe Flash by default following the discovery of yet more zero-day vulnerabilities in the browser plug-in. That block remained in place until Adobe rushed out a patch for the flaw.
And even Adobe recognises the days of Flash are numbered.
In December, it acknowledged the inevitability of an HTML5 world and said it was now “encouraging” developers and content creators away from Flash, in order to use newer web standards.
Adobe’s Flash was also famously hated by the late Steve Jobs as well, after the former Apple CEO famously called it a doomed technology. Indeed, such was Jobs opposition to Flash that he publicly attacked it in April 2010, which prompted a bitter spat with Adobe’s CEO.
The bad blood between Apple and Adobe continued for some time, not helped by an Adobe ad campaign that blasted Apple for its closed approach regarding developer licensing.
Are you a security pro? Try our quiz!
Landmark ruling finds NSO Group liable on hacking charges in US federal court, after Pegasus…
Microsoft reportedly adding internal and third-party AI models to enterprise 365 Copilot offering as it…
Albania to ban access to TikTok for one year after schoolboy stabbed to death, as…
Shipments of foldable smartphones show dramatic slowdown in world's biggest smartphone market amidst broader growth…
Google proposes modest remedies to restore search competition, while decrying government overreach and planning appeal
Sega 'evaluating' starting its own game subscription service, as on-demand business model makes headway in…