The cause of many sleepless nights and compromised systems that is Adobe Flash will finally be laid to rest. Adobe has released a statement announcing that they will no longer distribute or update flash past 2020. They have encouraged content creators to develop on the open formats that have taken over the web such as HTML5, WebGL, and WebAssembly. Not only did Adobe announce they would end Flash, they also will be working with Apple, Facebook, Google, Microsoft, and Mozilla to ensure it is no longer used anywhere on widely adopted devices and browsers.
Open standards like such as HTML5 and the others mentioned above have become the dominant standards to build content on and they often prove to be much safer than Adobe Flash ever was. Flash had to recently patch nine security vulnerabilities that would allow an attacker to seize control of a user’s computer. Despite a security experts best efforts, Flash was always the thorn on their side.
The Security Nightmare & Downfall
Flash has been a security vulnerability from the start. It did not take hackers long to figure out how to exploit the software. An analysis in 2015 identified Adobe Flash as one of the most exploited products as it was vulnerable to a majority of the 100 exploit kits tested. This was revealed in 2015 and the patch to address those vulnerabilities in an effective manner was not released until June 2017. New exploits were found very frequently with Adobe scrambling to patch it up, however it never seemed to be enough.
Flash was a source of extreme frustration that caused even the most seasoned cyber security experts sleepless nights. Anti-Flash movements had started online with many browsers disabling or removing Flash by default on their browsers. With the option of HTML5 many users are able to use that as their alternative for interactive content such as video and animation. When HTML5 was first released it was able to create games as well to the same degree as Flash.
It was 2010 and Steve Jobs made the announcement that disrupted the interactive content world at the time. Steve Jobs had announced that Apple would not allow Flash software in any of its products. The year prior, Symantec released a report highlighting that Adobe Flash had one of the worst security records. It was after Job’s announcement that Flash use would drop dramatically in the years to come. Google had demonstrated this by in a blog post where they had highlighted that in the past few years users who visit sites requiring Flash had dropped from 80% to only 17%.
The Future of Interactive Content
Thankfully the downfall of Adobe Flash will not be too much of a disruption to web development. Web designers and developers had to quickly adopt the standards of HTML5 when it was officially released in October 2014. Adobe has even developed tools for developing in HTML5 such as Adobe Animate. It may seem like a change but the transition away from Adobe Flash has been long underway for years now. With much of the downfall starting in 2010 when Apple became one of the first major tech companies to reject Flash on it’s products. One of the challenges during the phase-out of Flash will be dealing with outdated versions being distributed in some parts of the globe and the internet.
Flash was of principal concern for endpoints (devices) with access into a network. One of the most difficult tasks to achieve was protecting an endpoint from a Flash vulnerability or attack. With the phase out of Flash that will become a much easier tasks for security experts.
What are your thoughts on Adobe Flash’s end-of-life announcement? Are you worried about network security beyond Adobe Flash, Teramind may be able to provide some peace of mind.