Newly discovered flaws prompt Chrome and Firefox to block Adobe Flash

After the Hacking Team leaks exposed two major vulnerabilities in Adobe Flash, the Web’s two most popular browsers on Monday took the unusual step of blacklisting Flash Player 18.0.0.203.

The move by Mozilla‘s Firefox and Google‘s Chrome teams marked the latest attempt to triage the damage from a flaw in one of the most popular software platforms in existence. Hundreds of millions of Internet users rely on Flash to stream videos, despite the increasing prevalence of faster and more secure alternative platforms like HTML5.

The Flash vulnerabilities, which are completely outlined in the leaked Hacking Team emails, let attackers execute malicious code on a target’s machine using a gap in Adobe’s software.

Adobe finally published Flash Player 18.0.0.209, with fixes for the exploits, early Tuesday morning—but in the intervening week, major tech companies piled on with criticism. Facebook‘s chief security officer said Adobe ought to stop making Flash, arguably its best-known product since Photoshop.

(Sorry, this embed was not found.)

Users of Google Chrome and Mozilla Firefox should upgrade to the latest version of Flash as soon as possible.

H/T Ars Technica | Illustration by Max Fleishman

Patrick Howell O'Neill

Patrick Howell O'Neill

Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.