![]() At the time, 91% of all Web exploits targeted Java vulnerabilities. So why am I not joining the chorus of pundits saying "Kill Flash" today? The problems with Java were different, more pervasive, and more acute. Last year I called for (most) users to stop using Java, in my article Time to Boycott Java?. When Adobe released a patched version the very next day, savvy users who downloaded and installed it could view Flash videos, games and other missing content again. Users could re-enable it in Firefox’s settings, if they knew how. Instead of automatically updating the plugin like its competitors, Firefox disabled the Flash plugin. On July 13, Mozilla Firefox took things a step further. ![]() ![]() Internet Explorer and Google Chrome automatically patched their built-in Flash players. Apple quietly continued to ignore Flash, which it has not supported on mobile devices since 2010. The tech community’s response has been pretty standard, despite journalists’ efforts to hype it up. Audaciously, Hacking Team blames the unknown data thieves for exposing the bugs’ existence, as if they were safely in HT’s hands alone. It’s unclear how long Hacking Team kept these bugs a profitable secret instead of helping Adobe fix them. Hacking Team’s staff described one of them as the "most beautiful Flash bug for the last four years” in a leaked email. The Hacking Team’s own network was hacked in late June, and 400 GB of internal documents were released via Bittorrent.Īmong the embarrassing emails, invoices, and other evidence that the company helps repressive governments, were the recipes for exploiting three previously unpublished Flash vulnerabilities. The most recently discovered holes in Flash were being exploited by The Hacking Team, an Italian cyber-spying firm that claims to sell its services only to government agencies.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |