Adobe Flash has been a major culprit for an infrastructure that cybercriminals and hackers utilize to infiltrate computers and create vulnerabilities to setup malicious attacks on systems running the dated multimedia software platform. Many large tech companies, including several web browser application creators, have had their own struggles with Adobe Flash due to countless vulnerabilities and bugs that end up allowing attackers to gain control of computers that utilize Flash. Facebook has been boisterous in their push for Adobe to get rid of flash for good as directed by Facebook's current CSO (Chief Security Officer), who happens to be Yahoo's former CSO.
Adobe's Flash technology has long been scrutinized for its lack of security. It is nearly every week that there is a new type of Flash vulnerability exposed allowing cybercrooks and hackers to attack computers and spread malicious software without any roadblocks. Adobe is always on the chase releasing updates to Flash attempting to fix security issues every month this year so far.
In Facebook's quest to provide a more secure platform for their one billion-plus users, Adobe Flash is continually a thorn in their side. With Adobe Flash looming to provide web multimedia on some antiquated platforms, secure HTML5-based solutions are shining brighter with each zero-day vulnerability discovered within Flash.
HTML5 is the alternative and definitive answer to Adobe Flash. The internet, for the most part, has moved towards HTML5 but some still cling onto Flash. Facebook's CSO, Alex Stamos, has repeated their want for Adobe to announce an end-of-life date for Flash, and also have web browsers set killbits, which would close the security hole that Flash could open up by limiting or denying use of Flash.
Stamos has implied openly on Twitter that, "Even if the kill date is 18 months from now, one set date is the only way to disentangle the dependencies and upgrade the whole ecosystem at once." Stamos' suggestions sound great, but as we know from companies like Microsoft, such a move to kill Flash would be a methodical approach and end up taking much longer than we all expect. Microsoft only ended their support for Windows XP in April of 2014 while the operating system was released in August of 2001 and had a replacement in Windows Vista in 2007.
There is no doubt that Adobe Flash poses a serious security debacle for just about everyone on the internet. At some point and time computer users across the world will encounter a webpage that uses Flash. In these cases computer users may be prompted to install Flash and will occasionally do so putting them at risk in the future for having an exploited vulnerability. At this point and time, many computer security experts and tech companies will agree that Adobe Flash poses more of a problem than it does good for end users of its multimedia functionality.
Unfortunately, until Adobe adheres to the advice of Facebook we continue to witness and address security vulnerabilities and zero-day exploit issues arise out of Flash. Even though pulling the plug on Flash would initially hurt Adobe, we have a feeling that will bounce back just fine with a newfound focus on newer products and support.