SoylentNews

-- OriginalOwner_ [tinyurl.com] writes:

from the how-high-is-your-pain-threshold? dept.

El Reg reports [theregister.co.uk]

Adobe has released an update for Flash that addresses three dozen CVE-listed vulnerabilities. The update includes a fix for the CVE-2016-4171 remote code execution vulnerability that is right now being exploited [adobe.com] in the wild to install malware on victims' computers.

Adobe is recommending that users running Flash for Windows, macOS, Linux, and ChromeOS update the plugin as quickly as possible, giving the update the "Priority 1" ranking, a designation reserved for flaws that are, according to Adobe, "being targeted, or which have a higher risk of being targeted".

[...]The update comes just days after Adobe posted its June security update to address vulnerabilities [theregister.co.uk][1] in Flash as well as Cold Fusion, Creative Cloud, and Brackets.

The release also comes as more software makers are opting to exclude Flash from their browsers. Apple said [theregister.co.uk] Safari will be disabling Flash by default, joining the ranks of Google Chrome [theregister.co.uk] in opting for HTML5 content rather than Flash code, due to the large volume of security flaws present in the widespread browser plugin.

[1] The headline of that page made me smile for its ongoing truth--and, once again, wince for those still using those brands of software.

Original Submission