After the Hacking Team leaks exposed two major vulnerabilities in Adobe Flash, the Web’s two most popular browsers on Monday took the unusual step of blacklisting Flash Player 18.0.0.203.
The move by Mozilla‘s Firefox and Google‘s Chrome teams marked the latest attempt to triage the damage from a flaw in one of the most popular software platforms in existence. Hundreds of millions of Internet users rely on Flash to stream videos, despite the increasing prevalence of faster and more secure alternative platforms like HTML5.
The Flash vulnerabilities, which are completely outlined in the leaked Hacking Team emails, let attackers execute malicious code on a target’s machine using a gap in Adobe’s software.
Adobe finally published Flash Player 18.0.0.209, with fixes for the exploits, early Tuesday morning—but in the intervening week, major tech companies piled on with criticism. Facebook‘s chief security officer said Adobe ought to stop making Flash, arguably its best-known product since Photoshop.
Users of Google Chrome and Mozilla Firefox should upgrade to the latest version of Flash as soon as possible.
H/T Ars Technica | Illustration by Max Fleishman