Both Google Chrome and Mozilla Firefox have decided to pull the plug on Adobe Flash Player following a critical security flaw found in the program. A leaked document reveals that the program suffers a severe flaw, which allows hackers to take complete control over anyone’s computer thereby compromising personal user information. And even after repeated attempts by both Google and Mozilla to fix the patch, both have decided to stop providing support for the plugin on their respective browsers.
The flaw was revealed by a government sponsored group called ‘Hacking Team’ via a series of leaked documents. These leaked documents revealed how the group used three unpatched Flash versions to hack and take complete control over a user’s computer.
As we all know, Plugins need to be updated on a regular basis as their outdated versions are highly vulnerable to security flaws. Hence, once the details of this vulnerability were made public, it left Adobe Flash Player prone to hacking by other attackers and cyber criminals who could potentially create havoc. Moreover, these flaws have reportedly been live for around four years now.
Security researchers have now verified three attacks previously unknown, while Trend Micro has spotted the most recent flaw that has been rated ‘critical’.
Since the documents were leaked, Adobe released a security patch to fix the vulnerability on July 8. While yesterday, the firm released another security update for its Flash Player and said, “We are proactively pushing the update out to users. We are also working with browser vendors to distribute the updated player. Flash Player is one of the most ubiquitous and widely distributed pieces of software in the world, and as such, is a target of malicious hackers. We are actively working to improve Flash Player security, and as we did in this case, will work to quickly address issues when they are discovered.”
However, Google and Mozilla still do not seem convinced and have pulled support for the Flash Player plugin on Chrome and Firefox. Google has not yet released an official statement on the matter though on Firefox, users are directed to a blocked plugin page when they try to update which reads, “Flash Player Plugin between 11.0 and 11.7.700.169 has been blocked for your protection. Old versions of the Flash Player plugin are potentially insecure and unstable. All users are strongly recommended to update on our plugin check page.”
Even security researchers are now advising users to disable Adobe Flash Player in their browsers until the issue is completely rectified, while some say Adobe Flash should be removed completely. Facebook’s chief security officer Alex Stamon tweeted last week that it’s time for Adobe to end Flash completely.