In the News:
Adobe’s Flash Player is set to be retired on December 31, 2020. In preparation, Adobe will soon begin prompting users to uninstall their popular Flash Player. Adobe announced its plan to no longer distribute Flash Player in July 2017 and encouraged the use of open standards, including HTML5, WebGL, and WebAssembly as alternatives.
Our Take:
Long used by threat actors as a way to load malware onto victims’ computers, Flash Player has had a difficult time keeping up with all the exploits used against it. If users don’t use the most recent patched version of Flash Player, they make themselves vulnerable to a myriad of attacks. In one type of attack, a fake Flash updater pushed both a legitimate Flash update and a secretly installed cryptocurrency miner onto victims’ PCs. Palo Alto Networks warned users against this exploit.
Companies like Google have made the move to use HTML5 as the default way to display content on sites. Users will only notice a difference in performance if websites don’t use an HTML5 content player because content won’t automatically be displayed.
Due to the number of attacks taking advantage of Flash Player, and the danger of using an unsupported service, we strongly encourage uninstalling Flash Player on all devices.
Recommendations:
- Uninstall Flash Player as soon as possible before the December 31, 2020 deadline. If you must continue to use Flash Player until then, be sure to only use the latest, patched version. Patching will be discontinued on December 31, 2020.
- Like Flash Player, many applications require regular patches to avoid falling victim to new attacks. Make sure you run updates on your devices and keep your apps up to date by using the latest software versions .
- Check out Northwestern IT’s Tips For Securing Devices for information on automatic updates and other helpful tips.