Is Adobe Flash Player Safe?

[harlan4096]

Is Adobe Flash Player Really Worth the Trouble?

Asking the real questions here: is Adobe Flash Player Safe? I would wager to say “no”; there have been far too many malicious attacks using Adobe’s Shockwave Flash for deployment and dissemination of malware.

Regarded mostly as a vulnerability rather than a practical software development, Adobe announced in early July 2017 that it will discontinue support for Flash Player by the end of 2020.

Yes, it’s indeed a red flag, but unfortunately, not the only one. Still planning on using Shockwave Player on your machine? You might change your mind after reading this article.

What is Adobe Flash Player?

Fascinating little gimmick this Flash Player is or rather was if we consider Adobe’s decision. And quite old: the very first version of Adobe’s Flash Player came out in January 1993, but only shifted into full swing around 2013. At that time, it was estimated that 400 million out of 1 billion desktop computers were using Flash Player.

Still, what the H-E-Double-Toothpick is this Shockwave Player? Well, to make a long story short, Flash Player is computer software used to run any type of content developed on the Flash Platform. This includes audio, video, vector graphics, 3D graphics, raster graphics, and various types of scripts.

Although loathed by most of the community for its lackadaisical security, Flash Player was once very popular. Long before HTLM5 was implemented, virtually every website was using Flash Player for videos and animations. Yes, that includes YouTube.

Over the years, things have changed. Flash Player is no longer considered an industry-standard since it can’t handle complex videos and animations. On top of everything, it’s regarded as a security liability. As a result, major browsers have begun sandboxing Adobe Flash Player; as sensible first step towards purging it all together.

Is Adobe Flash Player Safe?

I was never for blackballing software, regardless it’s legacy, useless, or really old. However, in Adobe Flash Player’s case, I’m going to make an exception. So, apart from the fact that it’s no longer able to keep up the pace, it has proven to be a major vulnerability.

XMRig Crypto Mining

The latest attack steak reiterates the need for a more secure web-based software development environment. According to a Palo Alto Networks security update, a next-gen malware masquerading as an Adobe push update would install XMRig crypto mining code on the victim’s PC.

Of course, like in many other cases, the infiltration could have been prevented if the user would pay more attention to the signs. As Palo Alto noted, the bogus update was not digitally-signed, which triggered a Windows UAC response since the publisher could not be verified.

And because no one ever bothers to check these things out, the user would have had dismissed the notification by continuing with the installation (bad move!). Cryptominers aren’t that bad – sure, they slow down your machine to the point where you’ll have trouble running a YT video, but that’s about the damage they can do.

Turla Spear-phishing

Still, there are instances when Flash Player went full dark side. In early January 2018, it was discovered that Adobe Flash Player was the perfect gateway for the dreadful Turla, an APT group suspected of numerous online illicit operations, from spear-phishing diplomatic bodies to dropping backdoor malware.

The method of execution was, more or less, the same – pushing a spiked Adobe Flash Player updating package, the group was able to gain instant access to the infected machine.

The CrescentCore Affair

Another instance when Adobe Flash Player proved to be an efficient attack vector was during the CrescentCore crisis of July which mostly affected Mac users. Cybersecurity researchers figured that the malicious payloads were delivered via a compromised Adobe Flash Player update, which was actually a DMG package.

Since it was virtually impossible to tell them apart, some researcher argued that it’s best to avoid installing Flash Player updates altogether, including those which are available for download on Adobe’s official website.

Brav0 #15982 Gone Rogue

Last, but not least, there’s the zero-day vulnerability discovered by Gigamon ATR in late December 2018. Codenamed CVE-2018-15982, this vulnerability was exploited in the wild through a breach in Adobe Flash Player’s base code. As for the payload, it was delivered via an infected Microsoft Office document.
...

Continue Reading