Adobe Systems on Monday warned of a critical vulnerability in the most recent version of its Flash Player that is being actively exploited in the wild. The vulnerability affects Flash Player 10.1.82.76 for Windows, Macintosh, Linux, Solaris, and Android operating systems, Adobe said in an advisory. “There are reports that this …
It's an evil plot by Steve Jobs to strengthen Gianduia's position over Flash!
How many times to we have to be reminded...
Flash is just an all around bad idea?
I see no Flash
What's this Flash stuff anyhoose?
Sent from my iPad
Then you see what Steve Jobs wants you to see
Which for me is not much.
Sent from any computer I like to own and control.
@Then you see what, etc
Oh, do get over yourself, please.
Anyways, shouldn't you be back at school.
.... if you're running Flash there aren't any guarantees that you *are* the owner and in control of the computer.
Re: I see no Flash
"What's this Flash stuff anyhoose?"
It comes hand in hand with choice. Your iPad is missing that too.
Not sent from your iPad.
All your comps are belong to us
Ha, you mean sent from a computer someone else now owns and controls.
Web-based email services
>> since Flash is used by Gmail and other web-based email services
That statement is misleading since such services can USE Flash but they most certainly don't NEED Flash to function. An example would be a Gmail user being able to view a Youtube video that's part of a message they received. But outside of something like that Flash is not a necessary part of any webmail service I'm aware of. I just don't want to see people being spooked about some kind of vague distinction that webmail services are more or less vulnerable as that isn't the case.
Time to refocus on security, Adobe.
Microsoft refocused on security and we went from "ha ha" default security in Windows 2000 to "not impenetrable but arguably within reach of the competition" in Windows 7. It’s not just Flash; it’s Adobe Reader too.
I second Dan's noscript call:
And I raise a few more plugins besides:
Adobe, Pull your damned socks up.
Flash is great
You dinosaurs would still rather be working on computers running unix or dos with a green screen VDU.
Graphics are what most users want to experience on their PCs and flash enables that. Sure, it needs to be more securely coded, but to dismiss it outright shows some of you lot to be old farts
You fracking "I want my colorful interface" know-nothing
"Flash enables graphics on PCs"? Right.
@AC: Flash is Great
While I agree with your assertion that most users want to use a graphical interface; not only I do I flat out reject the rest of your argument, but am now convinced that you are an absolute idiot because you don't comprehend Adobe hasn’t gotten their security ‘shit’ squared away after years of "second chances".
Just say no to flash!
This article gives the wrong mitigation measures -it says use NoScript and that gmail needs flash
* gmail doesn't use flash, nor does Y! mail, though flickr likes it
* if you install the FlashBlock plugin (Firefox and apparently Chrome) you can block flash everywhere, and selectively enable it where you trust the site.
* Acroread is best handled by uninstalling, switching to a lighter weight viewer. Sometimes these are vulnerable too, but they tend to be targettted less often
title goes here
Yeah, the main reason I stick with Firefox is the the plugins, particularly, noscript and flashblock, both of which I use. Opera needs to consider opening it's system out to fully to allow powerful plugins if it wants to take on Firefox, and not just try the "we'll include the kitchen sink, features wise, so you don't need proper plugins" approach. Any time I've searched Opera plugins, all there seems to be is 101 calendar apps. Why do I want a bloody calendar in a web browser, FFS?
Worth pointing out though, is that Flashblock isn't infallible, I've had a few "WTF?" moments when flash ads start running by somehow either deliberately or inadvertently bypassing flashblock's Flash detection. Don't know how they do it, but flashblock isn't perfect.
I have worries about HTML5 and it's video streaming capabilities. I suspect it's going to open up a new security can of worms for malware peddlers to exploit. At least I can for the most control flash and flash video with flashblock and noscript.
Do NOT use FlashBlock
Relying on FlashBlock for your security is not a good idea:
People wonder why I still use slow Firefox instead of the much faster Chrome or Opera. This is a first class demonstration why. The browser makers always say that their browsers are completely secure so the plugins like noscript, cookie monster, better privacy and ad block are not needed.
But in cases like this with these zero day vulnerabilities (that even affect firefox) I am happy to have these plugins that give an extra level of control and when other browsers have plugins that do the same thing I will be happy to move to them.
From the previous posters comments it looks like Chrome is moving in the right direction. But when I looked up Flash Block it looks like you are forced to allow sites like youtube.
why do I need a title for a reply? Sort it, Reg
flashblock stops youtube if you want it to. Flashblock and noscript work fairly well together, too, so you can run both.
That maybe true, but the main point of my post was to say that I won't touch other probably better browsers until they offer these types of plugins to allow you to shield yourself from these zero day issues until patches are avaliable.
Re: Flash is great
>> You dinosaurs would still rather be working on computers running unix or dos with a green screen VDU.
Personally I like both a terminal window and a dancing GUI making mindless sound effects. But both have their own appropriate situations, and I think almost all computer users young or 'dinosaur' feel the same way. The problem with Flash is Adobe has failed in an extreme way to allot proper development resources to optimize and secure it. To Adobe's credit, if you think back to when the Internet was just starting to gain so much general usage, Flash was originally aimed more at animated games and then it's usage for things like online video just grew almost organically. There really wasn't a lot of viable alternatives at the time, like HTML5, WebM, or Silverlight, etc. But getting back to the point, most techies don't hate Flash for what it is and making silly blanket accusations is pointless. I think a more accurate sentiment is the wish for an optimized, cross-platform stable, secure Flash that just works. A proprietary-free environment would be even better. Adobe's refusal to a) give Flash better development support, or b) Open Source it to allow better development support is disappointing. HTML5 is gaining lots of momentum and Flash could become more and more irrelevant.
- NASA boffin: RIDDLE of odd BULGE FOUND on MOON is SOLVED
- Pic 7 AMAZING experiments set for Mars Rover 2020 – including oxygen generation
- Microsoft's Euro cloud darkens: US FEDS can dig into foreign servers
- Plug and PREY: Hackers reprogram USB drives to silently infect PCs
- Boffins spot weirder quantum capers as neutrons take the high road, spin takes the low