The fallout of the Hacking Team leak is hitting Adobe hard. The leak revealed two unpatched vulnerabilities in the company’s ubiquitous (and ubiquitously disliked) Flash Player. Because it took Adobe a while to patch these, Mozilla decided to block all versions of Flash for Firefox users.
Adobe today finally released a patched version of Flash, but Firefox users may have to manually update their Flash installs to get this new version (assuming they actually want to use Flash again).
This marks the second time in a week that Adobe had to patch a Flash vulnerability because of the Hacking Team leaks.
It’s no secret that even Adobe isn’t very fond of Flash anymore. While it served its purpose in the early days of the web, HTML5 and other web standards now allow developers to replicate most of its functionality without having to rely on what has increasingly become an insecure and inefficient plug-in. Google’s YouTube already defaults to HTML5 instead of Flash and Chrome will soon start auto-pausing Flash content it doesn’t consider ‘central‘ to a web page.
Overall, the web is better off without Flash and as Facebook’s chief security officer Alex Stamos said a few days ago, it’s probably time to set an end-of-life date for Flash.