Flash flaw could allow attackers to remotely control Macs and PCs, Adobe issues critical update

Posted:
in macOS edited February 2014
Adobe on Tuesday released a security update for their Flash Player to address a vulnerability that could allow an attacker to remotely take control of users' computers, an exploit that the company says has been documented in the wild.

Adobe Flash Player


According to Adobe, both Mac and Windows machines running Flash Player version 12.0.0.43 or earlier are susceptible to the attack. Linux users are not immune, as the bug also affects Flash Player versions 11.2.202.335 and earlier on the platform.

Users can verify the Flash version installed on their system by visiting Adobe's About Flash Player page or right-clicking on Flash content and choosing "About Adobe Flash Player" from the contextual menu.

Windows and Mac users are urged to update to Flash Player 12.0.0.44 as soon as possible, while Linux users should install version 11.2.202.336. Flash Player plugins installed with Google's Chrome browser or Microsoft's Internet Explorer 10 or 11 will be automatically updated, Adobe says.

The bug --?assigned CVE code CVE-2014-0497 --?was reported by researchers Alexander Polyakov and Anton Ivanov of Kaspersky Labs.
«13

Comments

  • Reply 1 of 47
    jkichlinejkichline Posts: 1,335member
    This, and the horrendous toll on battery life, are why I don't have Flash installed on my MBA.
  • Reply 2 of 47

    Can we finally just ditch Flash from the Internet ecosystem already, please?

  • Reply 3 of 47
    What a joke, click Check Now for updates in the Flash PrefPane, and it says 12.0.0.38 is latest...

    FAIL.
  • Reply 4 of 47
    john.bjohn.b Posts: 2,720member

    Flash = Adobe's evil twin.

  • Reply 5 of 47
    john.bjohn.b Posts: 2,720member
    Quote:

    Originally Posted by jkichline View Post



    This, and the horrendous toll on battery life, are why I don't have Flash installed on my MBA.

     

    And for what?  A bunch of cheezy animated ads?  Shameful that this is Adobe's legacy.

  • Reply 6 of 47
    pmzpmz Posts: 3,433member

    Quote:
    Originally Posted by libertyforall View Post



    What a joke, click Check Now for updates in the Flash PrefPane, and it says 12.0.0.38 is latest...



    FAIL.

    Check again. 

    Quote:

    Originally Posted by jkichline View Post



    This, and the horrendous toll on battery life, are why I don't have Flash installed on my MBA.

     

     

    Quote:

    Originally Posted by Ursadorable View Post

     

    Can we finally just ditch Flash from the Internet ecosystem already, please?


     

     


    Quote:

    Originally Posted by John.B View Post

     

     

    And for what?  A bunch of cheezy animated ads?  Shameful that this is Adobe's legacy.


     

    Don't be ridiculous. It has a lot of useful and relevant applications...unfortunately those of you that are unaware of the world outside the Apple bubble have no idea and thus make comments like these.

     

    Flash may suck, but it is still very important for a lot of sophisticated web applications and will continue to be for at least the next 5 years.

  • Reply 7 of 47
    ceek74ceek74 Posts: 324member

    Is this for the "known" security issue or to patch the "unknown" NSA backdoor?  Oops.

  • Reply 8 of 47
    sflocalsflocal Posts: 4,651member
    Thank you Adobe for reminding everyone why your Flash product is the software equivalent of the Titanic taking on water.

    I look forward to the day this trash product goes into the Internet history archives, where it should have been ages ago.
  • Reply 9 of 47
    rob53rob53 Posts: 2,042member
    Quote:

    Originally Posted by libertyforall View Post



    What a joke, click Check Now for updates in the Flash PrefPane, and it says 12.0.0.38 is latest...



    FAIL.

    Mine found it. I have my settings to not run Flash unless I approve it but I can't believe how many websites have it running and it's not apparent where it's running. I can see the typical notification on some sites but other on other ones it's not as apparent.

  • Reply 10 of 47
    jkichlinejkichline Posts: 1,335member

    Unfortunately, I do have experience with Flash. I was a system architect for an interactive design agency. I've worked in Flash and Flex development and after having done so, believe that it is a woeful technology that does not transition well in the mobile world. In addition I saw a number of projects overrun on budget and time due to the promise of faster development cycles on a nascent technology that were never realized. While Flash/Flex provided a better framework for building sophisticated apps, I think it many cases it is overkill and can be done more simply HTML 5, especially with modern frameworks such as JQuery, etc.

     

    In addition, Flash does not run on mobile devices because if it's drawbacks and is thus irrelevant in the increasingly post-PC world.

  • Reply 11 of 47
    pmz wrote: »



    Don't be ridiculous. It has a lot of useful and relevant applications...unfortunately those of you that are unaware of the world outside the Apple bubble have no idea and thus make comments like these.

    Flash may suck, but it is still very important for a lot of sophisticated web applications and will continue to be for at least the next 5 years.

    No one disputes the importance of Adobe Flash especially prior to 2008 but the importance of Adobe Flash is declining rapidly. Companies that can't adjust will also see their products and services decline in importance over the next five years.
  • Reply 12 of 47
    sflocalsflocal Posts: 4,651member
    No one disputes the importance of Adobe Flash especially prior to 2008 but the importance of Adobe Flash is declining rapidly. Companies that can't adjust will also see their products and services decline in importance over the next five years.

    Precisely. When I'm on my iPad or iPhone and come across a Flash-only site, I don't blame Apple. I blame the website company and they lose my business. They need to wake up and get off this antiquated technology.
  • Reply 13 of 47
    philboogiephilboogie Posts: 7,438member
    pmz wrote: »
    [QUOTE name="jDon't be ridiculous. It has a lot of useful and relevant applications...unfortunately those of you that are unaware of the world outside the Apple bubble have no idea and thus make comments like these.

    Flash may suck, but it is still very important for a lot of sophisticated web applications and will continue to be for at least the next 5 years.

    Using 'Flash' and 'sophisticated web applications' in the same sentence seems odd. I don't see anything sophisticated about this software. Care to elaborate? Or is the answer right in front of me, but I simply can't see it as I don't have Flash installed on my Mac?
  • Reply 14 of 47

    Is this really surprising, since Adobe's PDF source code was compromised and leaked onto the web... who knows how far it goes?

  • Reply 15 of 47

    I wish the NY Times would lead by example and convert their videos to HTML5, and discard Flash.

     

    They shouldn't wait until the day when they deliver a computer-controlling, hacked Flash video to their readers. You know that day is coming.

     

    And anyone else serving Flash videos should be responsible as well.

     

     

    And while we're on the subject of Adobe... their software rental-only policy!!!... (going red in the face).... (steam exiting ears)... They'll have to get my first $50 payment by pulling it out of my cold, dead hands!

  • Reply 16 of 47
    Quote:

    Originally Posted by pmz View Post

     

     

     

     

     

    Don't be ridiculous. It has a lot of useful and relevant applications...unfortunately those of you that are unaware of the world outside the Apple bubble have no idea and thus make comments like these.

     

    Flash may suck, but it is still very important for a lot of sophisticated web applications and will continue to be for at least the next 5 years.




    It is used in applications, but more and more each day I can surf without flash turned on.   With the toll in battery life as well as the security risks it is safer off and turned on when needed.

  • Reply 17 of 47
    Enough... uninstalled!
  • Reply 18 of 47
    Another ploy by Adobe to get everyone to install the latest version of their Flash Player to increase the "installed base" numbers on their latest version to make it look like a viable platform to code to.
  • Reply 19 of 47
    conrailconrail Posts: 489member
    Quote:

    Originally Posted by Ursadorable View Post

     

    Can we finally just ditch Flash from the Internet ecosystem already, please?


    Once you update, redo, or delete the millions of flash applets, plug ins, games, videos, etc. that have been posted, then sure!

  • Reply 20 of 47
    conrailconrail Posts: 489member
    Quote:

    Originally Posted by stevenoz View Post

     

    I wish the NY Times would lead by example and convert their videos to HTML5, and discard Flash.

     

    They shouldn't wait until the day when they deliver a computer-controlling, hacked Flash video to their readers. You know that day is coming.

     

    And anyone else serving Flash videos should be responsible as well.

     

     

    And while we're on the subject of Adobe... their software rental-only policy!!!... (going red in the face).... (steam exiting ears)... They'll have to get my first $50 payment by pulling it out of my cold, dead hands!


    Maybe you can beat them with your buggy whip!

Sign In or Register to comment.