The first version of Adobe Flash was released in 1996, when most internet users relied on dial-up services to access their favorite sites, hoping that no one would call in the meantime. The popular plug-in played an important role in the shaping of the modern internet, allowing users to access a wealth of content.
However, nothing is without flaws, and Adobe releases a large number of security patches for the plug-in as malicious entities strived to track down and explore vulnerabilities which could be used to target computers and steal valuable data.
Since the plug-in has been replaced by popular alternatives like HTML 5, Adobe has decided to retire it 2020. The company has managed to identify a new vulnerability with the help of a reported submitted via a popular platform.
This may not seem to be too impressive, but the flaw was marked as critical due to the exploitation potential. It is present in version 22.214.171.124 and previous releases, allowing a malevolent attacker to use the plugin with the help of a malicious website or Active X controls.
Furthers research has led to a surprising discovery as the bug is present across several desktop version of the Flash Player, including those for macOS, Windows, and Linux, while also being traced in the plugins used by popular browsers like Google Chrome, Internet Explorer 11 and Microsoft Edge. On some tech forums, it was classified as a use-after-free vulnerability due to the mechanics.
By executing specific tasks In ActionScript potential attackers have the option to take control of a pointer and force the app to use it again after it is freed. This means that hackers can use the vulnerability to execute malicious code without any obvious signs.
To mitigate the potential security risks users are encouraged to visit the official Adobe website and to download and install the latest version of the program.
Daniel Kiss is the senior editor for News Lair. Daniel was working as a writer since he finished high-school, first for local papers then he started online, nowadays he likes to write about the latest games and tech innovations.