Skip to main content

Nothing says Christmas like another Flash exploit

Nothing says Christmas like another Flash exploit

Share this story

Sean Gallup/Getty Images

Flash is basically dead, but like a rotting corpse full of disease and bacteria, it's still capable of doing harm. Yesterday, Adobe released an emergency patch for the software with a number of bug fixes for "critical vulnerabilities," including one exploit the company says is currently being used in "limited, targeted attacks." And while we'd like to say this will be the final security flaw found in Flash this year, honestly, that's not a safe bet. According to one tally, there have been some 316 Flash bugs discovered in 2015 — which is around six every week and means we're due one or two more before we hit 2016.

Even Adobe has distanced itself from Flash

Thankfully, though, it looks like 2015 is going to have been the year that Flash died. In January, YouTube dropped the bug-ridden software in favor of HTML5 to handle its video, and in July, Facebook's chief security officer asked for an "end-of-life date for Flash.' That same month, Mozilla (sort of) blocked the once-ubiquitous plugin in its Firefox browser, and this December, even Flash developer Adobe started distancing itself from its creation, saying that it will now "encourage content creators to build with new web standards." We're not sure when we'll be able to declare the time of death for Flash, but we're sure that the next news you hear about the software won't be good.