Major security vulnerability identified in Adobe Flash
Adobe Training Classes from the authors of the best-selling book Adobe Creative Cloud for Dummies
We'll provide you personalized
training options right away.
Published on February 5, 2014
After taking Adobe classes at the American Graphics Institute, you'll have a greater understanding of how to use some of Adobe's most popular software packages, such as InDesign, Photoshop and Dreamweaver. You'll also gain insight into how other Adobe programs work with the core functionality of your PC or Mac and how these software programs operate. This knowledge could be very useful, as according to CNET, Adobe recently notified users of a crucial software vulnerability in its popular Flash plugin.
Users of the Chrome and Internet Explorer browsers were urged to update their Flash players to the latest version following the identification of the security flaw. The exploit could be leveraged by crackers to gain remote access to users' machines without their knowledge.
"This vulnerability could allow an attacker to remotely take control of the affected system," read an official Adobe blog post published shortly after the vulnerability was first detected. "Adobe is aware of reports that an exploit for this vulnerability exists in the wild, and recommends users apply the updates referenced in the security bulletin."
Adobe rated the security risk of the exploit for Windows and OS X users as Priority 1, its highest designation of software vulnerability. However, the extent of the threat for Flash on Linux distributions was listed as Priority 3, a classification used to reference vulnerabilities that pose significantly less risk for users.
Move fast and break things
Although Adobe took swift action to notify users of the threat, the company's decision to adopt the "release early, release often" methodology favored by hackers and even tech giants such as Facebook. According to The Next Web, Adobe recently announced it would provide users with iterations to Flash much more frequently - a move that could have significant security implications for users.
However, it's worth noting that the streamlined update plans will only affect Adobe's beta testers, of which there are approximately 1.1 million, according to the news source. These individuals will receive automatic updates to Flash directly from beta release clients, unlike typical users who can still opt out of automatic updates.
Of course, while the "move fast and break things" ideology can be highly useful in agile software development, it poses certain risks - especially when applied to such ubiquitous software programs like Flash. While Adobe's handling of the latest vulnerability was swift, the fact remains that balancing security with the introduction of new features is a balancing act, even for software companies such as Adobe.
About the author
Christopher Smith is president of American Graphics Institute in Boston, Massachusetts. He is the creator and editor of the Digital Classroom book series. At American Graphics Institute, he provides strategic technology consulting to marketing professionals, publishers and to large technology companies including Google, Apple, and Microsoft. He delivers workshops relating to digital marketing, web analytics, SEO, and SEM. He is also the author of more than 10 books on electronic publishing tools and technologies, including the Adobe Creative Cloud for Dummies. Christopher did his undergraduate studies the at the University of Minnesota, and then worked for Quark, Inc. prior to joining American Graphics Institute where he has worked for 20 years.