Coronavirus (COVID-19) information: All courses at all locations are available as live online classes. Limited in-person classes in some locations. Our offices remain open. Learn more.


Major security vulnerability identified in Adobe Flash

  • Published on February 5, 2014
Major security vulnerability identified in Adobe Flash

After taking Adobe classes at the American Graphics Institute, you'll have a greater understanding of how to use some of Adobe's most popular software packages, such as InDesign, Photoshop and Dreamweaver. You'll also gain insight into how other Adobe programs work with the core functionality of your PC or Mac and how these software programs operate. This knowledge could be very useful, as according to CNET, Adobe recently notified users of a crucial software vulnerability in its popular Flash plugin.

Urgent attention
Users of the Chrome and Internet Explorer browsers were urged to update their Flash players to the latest version following the identification of the security flaw. The exploit could be leveraged by crackers to gain remote access to users' machines without their knowledge.

"This vulnerability could allow an attacker to remotely take control of the affected system," read an official Adobe blog post published shortly after the vulnerability was first detected. "Adobe is aware of reports that an exploit for this vulnerability exists in the wild, and recommends users apply the updates referenced in the security bulletin."

Adobe rated the security risk of the exploit for Windows and OS X users as Priority 1, its highest designation of software vulnerability. However, the extent of the threat for Flash on Linux distributions was listed as Priority 3, a classification used to reference vulnerabilities that pose significantly less risk for users.

Move fast and break things
Although Adobe took swift action to notify users of the threat, the company's decision to adopt the "release early, release often" methodology favored by hackers and even tech giants such as Facebook. According to The Next Web, Adobe recently announced it would provide users with iterations to Flash much more frequently - a move that could have significant security implications for users.

However, it's worth noting that the streamlined update plans will only affect Adobe's beta testers, of which there are approximately 1.1 million, according to the news source. These individuals will receive automatic updates to Flash directly from beta release clients, unlike typical users who can still opt out of automatic updates.

Of course, while the "move fast and break things" ideology can be highly useful in agile software development, it poses certain risks - especially when applied to such ubiquitous software programs like Flash. While Adobe's handling of the latest vulnerability was swift, the fact remains that balancing security with the introduction of new features is a balancing act, even for software companies such as Adobe.

About the author

Christopher Smith is president of American Graphics Institute in Boston, Massachusetts. He is the publisher and editor of the Digital Classroom book series, which have sold more than one million copies. At American Graphics Institute, he provides strategic technology consulting to marketing professionals, publishers and to large technology companies including Google, Apple, Microsoft, and HP. An expert on web analytics and digital marketing, he delivers Google Analytics training along with workshops on digital marketing topics. He is also the author of more than 10 books on electronic publishing tools and technologies, including the Adobe Creative Cloud for Dummies. Christopher did his undergraduate studies the at the University of Minnesota, and then worked for Quark, Inc. prior to joining American Graphics Institute where he has worked for 20 years.