With news that 92% of Windows PCs are vulnerable to a zero-day attack that Adobe won't patch until Thursday, is it time to dump Adobe's Flash player?
The most current versions of Flash player, 188.8.131.52 and 10.0.22.87, are both vulnerable to hackers. According to security companies, hackers are launching wave after wave of attacks, using both malicious websites, and websites that have been compromised.
I dumped Adobe Acrobat reader a while ago, replacing it with the excellent FoxIt Reader. Sure, this software isn't perfect, but it doesn't have the massive install base that Adobe Reader has, so it goes under the radar of hackers at present. Dumping Adobe Reader was a good move, but having Flash installed now seems like handing over PCs to the bad guys.
What's more shocking about this recent vulnerability is that Adobe has known about it for seven months but ignored it until now. Seven months!!!
I know that pretty much every time we talk about Windows security we end up talking about Microsoft and what it is doing to make computing safer for everyone, but it's now also time to realize that there are other companies with products that have a huge impact of security, and that maybe it's time for these companies to take security seriously.
[UPDATE: Looks like Adobe is blaming Microsoft for the bad code!]
Could you live without Flash player?