Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
!!! Leaked flash zero day likely be exploited by attackers
- Thread starter m4v3r1ck
- Start date
- Sort by reaction score
chrfr
macrumors G5
Chrome has already been updated with the new version of Flash Player and Adobe is releasing an update later today. The existence of a Flash Player zero-day vulnerability is barely news; they happen regularly.
In Chrome, it is a must to enable "click to play". That way, unless deliberately run, Flash stuff (mainly ads) can't do damage.
Apparently the update didn't fix the issue. The problem is worse than originally thought and experts are not recommending people disable flash.
http://www.businessinsider.com/facebook-chief-security-officer-calls-for-end-to-adobe-flash-2015-7
http://www.businessinsider.com/facebook-chief-security-officer-calls-for-end-to-adobe-flash-2015-7
Last edited:
I've been calling for the end of Flash for years. It is a thoroughly broken and insecure piece of software. Just put it out of its misery.
What makes this news worthy is the source of it, a self professed "security" company that used it to sell surveilance tools. Moral of the story, zero-days should be reported and fixed, not traded and exploited for what ever reason.. Edit: Oh, and it's been three Flash zero-days from the same guys in the last week.. so far.
Thanks for your effort, still a no-go on TapaTalk, will try in a browser later!
Cheers