
Adobe confirms major Flash vulnerability - happyscrappy
http://bgr.com/2015/10/15/adobe-flash-player-security-vulnerability-warning/
======
cpncrunch
The security bulletin has now been updated, and says the update will be
available on Oct 16 (today).

------
panarky

      Just one day after Adobe released its monthly security patches
      for various software including Flash Player, the company confirmed
      a major security vulnerability that affects all versions of Flash
      for Windows, Mac and Linux computers. You read that correctly…
      all versions.
    

Just uninstall this clusterfuck and be done with it.

~~~
jeff_tyrrill
Although I agree with your negative assessment of Flash in general, the quoted
bit "You read that correctly... all versions" is meaningless hyperbolic
bluster. I would _hope_ a cross-platform product is using a unified codebase
to maximize compatibility and minimize development and test surface. That, of
course, will tend to mean that bugs exhibit the same behavior cross-platform.
(And to the extent that by "all versions", it is including past versions,
that's even worse, as it implies that staying on an old version is ever
advisable.) It's irresponsible journalism to mislead about the nature of
software products like this.

------
jasode
Does vulnerability also affect Google Chrome's builtin Flash player?

EDIT: Answer is YES. The link provided by 0x0 says it also affects Google
Chrome's Flash and there's an update for it.

~~~
simonh
It seems likely. 1\. Go to URL chrome://plugins 2\. Click Disable

~~~
zxv
Or block flash on all except whitelisted sites using flashcontrol, free in the
chrome web store:

[https://goo.gl/Q0hLm](https://goo.gl/Q0hLm)

~~~
jonknee
An extension isn't needed for that. Make it click-to-play ("Let me choose when
to run plugin content") and then you can add any site you want to the
exceptions list. An icon displays in the address bar when a plugin is on the
page, click it and you can easily add the site to your exceptions list.

------
0x0
Patches available: [https://helpx.adobe.com/security/products/flash-
player/apsb1...](https://helpx.adobe.com/security/products/flash-
player/apsb15-27.html)

------
jacquesm
It'd be interesting to know (and the article doesn't seem to make it clear
either) whether or not they're going to update the Linux flash player. If not
then flash on linux is instantly dead, which would break quite a few websites.

~~~
wanderfowl
It's patched:

[https://helpx.adobe.com/security/products/flash-
player/apsb1...](https://helpx.adobe.com/security/products/flash-
player/apsb15-27.html)

------
brianclements
I uninstalled flash completely from all my systems upon the last major
vulnerability news. My biggest loss? No videos in Facebook, which seems to
have been fixed recently anyway. I'm chillin.

------
arrowgunz
Getting rid of Flash on iOS was the best decision Apple had ever taken. It is
a fact that Flash is a pretty unsecure platform. Companies should stop using
flash and put an end to it mess.

------
raimille1
Flash is still a thing?

