Google and Mozilla pull the plug on Adobe Flash
Google and Mozilla pull the plug on Adobe Flash: Tech giants disable the program on browsers following 'critical' security flaw
Leaked documents from an Italian cyber group recently revealed Adobe Flash has at least three serious vulnerabilities that lets hackers take over anyone's computer.
The end is could be nigh for Adobe Flash.
Leaked documents have revealed the program has a serious vulnerability that lets hackers take over anyone's computer.
And despite various patches and attempts at fixes, Google and Mozilla have now both pulled support for the plugin on their respective Chrome and Firefox browsers.
Adobe Flash, also known as Shockwave Flash, is used by websites to show multimedia items such as videos, graphics, games and animations.
It was once the go-to standard for multimedia, but many sites now use a markup language known as HTML 5 that does a similar job but is more advanced, doesn't require browser plugins and, given the recent hacks, is more secure.
Plugins, in particular, need to be updated regularly and are vulnerable to security flaws if people are using out-of-date versions.
Such a weakness was recently found in both the software version of Adobe Flash, and its plugin.
By its nature, the Chrome version of the Flash plugin is more secure than the program but its extra security was still not enough to block hackers completely.
This flaw was revealed when a cyberattack on government-sponsored group Hacking Team leaked a series of documents.
These documents showed the Italian group using at least three unpatched Flash exploits to reportedly hack into people's accounts and take over their computers.
It appears this organisation allegedly sold tools and services to governments, including oppressive regimes.
However, once the details of the flaws were made public it left the software open to other hacking groups and cybercriminals that could potentially take advantage of them.
This could involve attackers installing malware on people's computers, stealing personal details, monitoring keystrokes to steal passwords and more.
And it is believed these exploits have been live for at least four years.
Since the documents were leaked, security researchers have verified three previously unknown attacks, and the most recent, spotted by Trend Micro, has been rated as 'critical.'
Following the leak Adobe released a patch to fix the original vulnerability and this update was released on 8 July.
Earlier today the firm released another updated to Flash Player and said: 'We are proactively pushing the update out to users. We are also working with browser vendors to distribute the updated player.
'Flash Player is one of the most ubiquitous and widely distributed pieces of software in the world, and as such, is a target of malicious hackers.
'We are actively working to improve Flash Player security, and as we did in this case, will work to quickly address issues when they are discovered.'
Despite this, both Google and Mozilla have pulled support for the Adobe Flash plugin on Chrome and Firefox.
On Chrome, users will see an error message when they visit sites running Flash prompting them to upgrade the plugin, or it will let them 'Run this time.'
This enables the plugin for that specific video or graphic.
But when they try to update it, as per Google's official instructions, the component fails to update.
Google has not released an official statement.
On Firefox, updating the vulnerable Shockwave Flash plugin takes users to a blocked plugin page.
It explains: 'Flash Player Plugin between 11.0 and 11.7.700.169 has been blocked for your protection.
'Old versions of the Flash Player plugin are potentially insecure and unstable. All users are strongly recommended to update on our plugin check page.'
It warns that all users who have these versions are affected and Mozilla is automatically disabling the plugin.
Security researchers are advising people that 'due to the serious nature of this vulnerability and the likely risk of its use in cyberattacks in the coming days, we recommend users disable Adobe Flash Player in their browsers until the issue is patched.'