UPDATED 11:56 EDT / JULY 14 2015

NEWS

Industry moves in to finish off Flash after Hacking Team exploit revelations

The first casualty of the attack on the now infamous Hacking Team may not be the Italian spyware vendor itself, as many undoubtedly hope, but rather Adobe Flash, which is now officially blocked in FireFox after the discovery of a third zero-day vulnerability in the trove of internal data pilfered through the breach. And the industry’s frustration with the media player is only widening.

Adobe Systems Inc.’s ubiquitous runtime has long struggled with severe security issues that have compromised more consumers than anyone can count over the years along with a number of high-profile corporate victims. The most notable of the bunch is encryption powerhouse RSA, which saw hackers exploit a zero-day vulnerability just like the one uncovered today back in 2011 to steal sensitive data pertaining to one of its most widely used products.

Flash’s security woes have contributed a great deal of momentum to the shift towards alternatives set forth by the late Steve Jobs’ famous decision to avoid adding support for the player on iOS due to poor mobile performance, power efficiency and, of course, vulnerability to attacks. The new bugs may provide the final boost needed to push the software into irrelevance.

The third and latest vulnerability that emerged this morning is the straw that broke the camel’s back. Codenamed CVE-2015-5123 by the Trend Micro Inc. researchers who discovered it, the flaw enables hackers to exploit the part of Flash used to manipulate the presentation of Bitmap objects in order to completely take over a system, which makes it just as severe as the previous two loopholes that have been uncovered from the Hacking Team’s leaked internal records over the past week.

Adobe already released a security advisory for the bug when Trend Micro raised the alarms, but not before the backlash could start. Mozilla Corp. fired the first shot after updating its popular browser this morning to disable Flash by default, which promptly spawned a wave of how-to guides in the tech sphere on removing the player from platforms that still support it.

Facebook Inc.’s recently appointed chief security officer, Alex Stamos, went a step further and called on Adobe itself to take action by announcing an end-of-life date for Flash. The company may very be forced to do so at this point, if nothing else than to save face, since the fate of its once dominant media player now appears all but sealed.

Photo via Brian Klug

A message from John Furrier, co-founder of SiliconANGLE:

Support our open free content by sharing and engaging with our content and community.

Join theCUBE Alumni Trust Network

Where Technology Leaders Connect, Share Intelligence & Create Opportunities

11.4k+  
CUBE Alumni Network
C-level and Technical
Domain Experts
15M+ 
theCUBE
Viewers
Connect with 11,413+ industry leaders from our network of tech and business leaders forming a unique trusted network effect.

SiliconANGLE Media is a recognized leader in digital media innovation serving innovative audiences and brands, bringing together cutting-edge technology, influential content, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — such as those established in Silicon Valley and the New York Stock Exchange (NYSE) — SiliconANGLE Media operates at the intersection of media, technology, and AI. .

Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a powerful ecosystem of industry-leading digital media brands, with a reach of 15+ million elite tech professionals. The company’s new, proprietary theCUBE AI Video cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.