Apps

Uh Oh: Adobe Warns Against Critical Security Flaw in Flash

25

Steve Jobs, are you laughing yet? We call Jobs naive, scared, and all of these other things as he downplays Flash due to its performance issues and security risks, but the fact of the matter is he’s right: with Flash comes the vulnerabilities and downsides that’s always plagued the platform.

thumb_300_adobe-flash

Adobe’s discovered a critical security flaw in the latest version of flash for both the desktop computer and for Android that can cause systems to crash and even allow an attacker to remotely control your device. They have a fix being finalized, but we won’t see it until September 27th, at the earliest. Scary stuff. I’m sure we’ll be fine until Adobe gets this rolled out to everyone, but it’s one of those things that makes you think. And after you think, you quickly forget about it as you head on back to Kongregate to play more Flash games.

[Adobe via Androinica]

Quentyn Kennemer
The "Google Phone" sounded too awesome to pass up, so I bought a G1. The rest is history. And yes, I know my name isn't Wilson.

Samsung Galaxy S (i9000) to get Android 2.2 September 23rd?

Previous article

The OpenPeak Tablet Doesn’t Look Bad in this Hands-On

Next article

You may also like

25 Comments

  1. Well……Jobs is still a tool.

  2. What I’m trying to figure out is WHY a program that is supposed to simply display cutesy animated graphics, provide simple interaction with human input devices, has the security privileges to exploit so that it could control a whole device or computer.

    Astonishing – and another reason why I think Android using flash as a market differentiator is dangerous.

  3. The important thing is the flaw was found, admitted to and is being fixed. Jobs need to look in the mirror and laugh as he continues to patch that swiss cheese OS known as OSX. And what’s with this pro-Jobs attitude here? Last time I checked this isn’t Appleinsider or some pro-Apple website. They get way too much positive press as is already.

  4. BTW, Flash isn’t mandatory. If don’t want to use it, simply turn it off and then you can be like the crappy crippled iPhone.

  5. @John just because we’re an Android site doesn’t mean we have to necessarily hate iOS, Apple, or the guy who runs it.

  6. No, we just hate iOS and the guy who runs it because they are anti-competitive control freaks who think they are better than everything else in the world. Everyone else in the world should also listen to them and believe every thing they say, no questions asked.

  7. To clarify – speaking about Jobs specifically, not all users of iOS devices.

  8. Who said hate? I’ve noticed the positive Apple/Jobs tilt before. Pointing out the obvious ego and flaws does not mean hate.

  9. As a long time reader who has read 98% of the headlines on this site since October… With all due respect, I am pretty sure that this is the worst introduction to a blog post yet, Quentyn. I think you might want to either reword it or put on your flame suit! hahahaha, good luck.

  10. “the matter is he’s right: with Flash comes the vulnerabilities and downsides that’s always plagued the platform.”

    OMG! If Steve Jobs thinks that the security risk is too high, that must mean I shouldn’t have the option of using it.
    Uh huh. Here’s a thought; Why not let ME decide if the risk is worth it or not? Novel idea I know.

  11. @Jeff I agree with you there. As I said, as most will ponder his previous thoughts, most will forget and continue on enjoying flash anyway. Not to mention I haven’t heard of any freak hacking episodes when Flash was at its most vulnerable on desktops, so I’m sure we’ll be fine here.

  12. this is a big nothingburger.

  13. Didn’t I read that CrApple has opened the Market up a slight bit enough to allow Flash on the iPhone ?
    If so , so ends the advantage .

  14. If you go to browser settings>enable plugins u r given an option for off/on demand/on …

  15. Every device/software has security issues one way or another. I would rather a developer (adobe for example) support a product, make strides and improve upon themselves then some one not try anything new (such as apple).

    I don’t use a device just because it has security issues. As long as those issues are actively being worked on and patched then I am happy. People need to be more responsible for their own actions. Most people that have problems are the people that don’t know what to download or open and then risk themselves to a virus or some other problem.

  16. “No, we just hate iOS and the guy who runs it because they are anti-competitive control freaks…”
    .
    How do we feel about Verizon and Motorola, then?

  17. Look at the iPhone IOS last month how it got Jailbroken. Through a website the whole phone pulled its panties down and said” do with me what you will”. Come on…Flash is just as secure as the rest of them. At least we have choice.

  18. Does Flash not run in its own process? I’m that’s why sandboxing is emphasised in Android, so a problem in one app cannot be exploited to access other parts of the system.

    If Flash is sandboxed, we have nothing to worry about apart from crashes since Flash has 0 permissions.

    If Flash isn’t sandboxed and is loaded into the browser process, then it’s an epic design fail by the Android team.

  19. Andy, you might not like Apple, but they are much better than the other companies! All other are followers…
    Regarding Flash, the thing has a strong market place even though its quality is questionable. Just like Office, Flash will probably survive for still quite some time.

  20. “Jobs is still a tool”
    (originally posted by Shiney McShine)
    +1
    hahahahaha NICE DUDE!!!

  21. If Flash was such a liability it wouldn’t be ALL OVER the Web!
    Problems it may have, but if you want the Whole internet theres only one way to go…Period! Personally, i’ll take the risks, as each and every person who has ever viewed Flash content on a web page has.
    (And yes, Jobs is a genius and a visionary and all that, but if he hates flash so much, why does he allow it on his beloved Macs?! Because a desktop PC without Flash is not a complete product. That’ll be the case for phones soon as well)

  22. Well Szientific, Flash is ALL OVER the Web just like flies are all over a picnic. Just because it’s ubiquitous doesn’t make it good. As someone who has worked in Flash for years, I am in no hurry to see it’s buggy, clunky code ported to my mobile devices.

    Mobile Apps are successful because users want the fewest number of clicks to content without slogging through “Skip Intro” pages, banner ads and the custom window-dressing that is Flash.

    IMHO both Apple and Android users are better off without Flash on their mobile platforms.

  23. ok let’s all turn off our computers and go back to using pencils and paper and we will be completely safe (no wait…we could poke ourselves in the eye with pencils and paper cuts are nasty)

  24. Aside from the discussion here, this article was written as though Flash was the only piece of software ever to have a security flaw…

  25. I installed Flash on my Droid a few weeks ago and then BAM!–the world economy took a nosedive, Patrick Swayze died, and 2 drives in one of my RAID5 arrays simultaneously failed. That’s not just coincidence, folks.

    Okay, it didn’t happen in that order but I stand firm that forces beyond our control are out to get us and it’s only a matter of time before those forces do “get us” and Flash may be tool they use.

    In the meantime, I’m going to continue to enjoy Flash on my phone to watch videos of people failing.

Leave a reply

Your email address will not be published. Required fields are marked *

More in Apps