The Register: Adobe Flash zero-day exploit… leveraging ActiveX… embedded in Office Doc… BINGO!

The Register: Adobe Flash zero-day exploit… leveraging ActiveX… embedded in Office Doc… BINGO! . “Stop us if you’ve heard this one before: An Adobe Flash zero-day vulnerability is being actively targeted in the wild to hijack victims’ Windows PCs. Researchers with Gigamon Applied Threat Research (ATR) and Qihoo 360 uncovered a phishing campaign that exploits CVE-2018-15982, prompting Adobe to today release an out-of-band emergency update to patch up the flaw.”

The Register: Did you hear? There’s a critical security hole that lets web pages hijack computers. Of course it’s Adobe Flash’s fault

The Register: Did you hear? There’s a critical security hole that lets web pages hijack computers. Of course it’s Adobe Flash’s fault. Deep sigh. “Adobe has emitted software updates to address a critical vulnerability in Flash Player for Windows, Mac, and Linux. PC owners and admins will want to upgrade their copies of Flash to version 31.0.0.153 or later in order to get the patch – or just dump the damn thing all together.”

Lifehacker: You Really Shouldn’t Be Running Adobe Flash Player Anymore

I’ve been saying this for years. Lifehacker: You Really Shouldn’t Be Running Adobe Flash Player Anymore. “So if Flash is about to be abandoned by Adobe, is a security nightmare, and has been largely ignored by the majority of web developers for years now, you might as well stop using it, too. Here are a few methods for disabling Adobe Flash.”

Paloalto Networks: Fake Flash Updaters Push Cryptocurrency Miners

Paloalto Networks: Fake Flash Updaters Push Cryptocurrency Miners. “In most cases, fake Flash updates pushing malware are not very stealthy. In recent years, such imposters have often been poorly-disguised malware executables or script-based downloaders designed to install cryptocurrency miners, information stealers, or ransomware. If a victim runs such poorly-disguised malware on a vulnerable Windows host, no visible activity happens, unless the fake updater is pushing ransomware. However, a recent type of fake Flash update has implemented additional deception.”

Stop us if you’ve heard this one: Adobe Flash gets emergency patch for zero-day exploit (The Register)

The Register: Stop us if you’ve heard this one: Adobe Flash gets emergency patch for zero-day exploit . “Adobe has kicked out an out-of-band update for a security vulnerability in Flash – after learning the bug was being actively exploited in the wild by hackers to hijack PCs. The Photoshop giant said today its Flash Player 30.0.0.113 update should be a top installation priority for Mac, Windows, and Linux systems.”

Bleeping Computer: Flash Used on 5% of All Websites, Down From 28.5% Seven Years Ago

Bleeping Computer: Flash Used on 5% of All Websites, Down From 28.5% Seven Years Ago. YAAAAAAAY! “Only 4.9 percent of today’s websites utilize Flash code, a number that has plummeted from a 28.5 percent market share recorded at the start of 2011. The number, courtesy of web technology survey site W3Techs, confirms Flash’s decline, and a reason why Adobe has decided to retire the technology at the end of 2020.”

Nieman Lab: Here’s how The New York Times is trying to preserve millions of old pages the way they were originally published

Nieman Lab: Here’s how The New York Times is trying to preserve millions of old pages the way they were originally published. “Adobe is sunsetting the software, which powered so many early web games and videos, in December 2020; browsers like Chrome, Edge, and Safari have already choked off or limited support for Flash Player over the past few years. The fate of so many Flash games and interactives, absent proper guardians, is part of a broader problem: how to rescue work painstakingly built on now-outdated formats from the dustbin of internet history. It’s one The New York Times has been grappling with for its two decades of online content.”