THEO Blog

The Case of Adobe’s next Zero-Day Flash Vulnerability

It’s not a secret that Adobe Flash Player has recently seen some serious flaws and vulnerabilities affecting your devices. Another critical zero-day vulnerability (CVE-2016-4117) came to light this week. Adobe confirms in its security advisory that “successful exploitation could cause a crash and potentially allow attackers to take control of the affected system”.  It affects Adobe Flash Player 21.0.0.226 and earlier versions that are installed on Windows, Mac, Linux and Chrome OS.

Adobe Flash hacker attack

Over the past two weeks, a similar case was unraveled: The latest zero-day vulnerability in Adobe Flash Player has been used to distribute a ransomware called Cerber. Cerber encrypts your local files with AES encryption and asks for up to $500-$1000 for decryption.

It is also interesting to know that the latest security updates covered as much as 95 patches in Acrobat and Reader...


Adobe Flash – an easy target

So why do hackers target Adobe Flash? The reasons are many:

  • Flash is installed on many computers both in the personal and enterprise world.
  • All the victim has to do is visit a web page and the Flash code will be executed.
  • Wide scale abuse of Flash bugs is relatively easy thanks to Flash banners.
  • Adobe Flash has a very poor update mechanism. Users only update after they encounter a problem.

As long as Adobe Flash is installed on such a large number of devices, more and more bugs will be found and exploited by criminals or cybersecurity agencies.


How to escape Adobe Flash vulnerabilities

HTML5 avoids the vulnerabilities of Adobe Flash Player

There is a change coming. With mobile platforms not supporting plugins such as Adobe Flash or Microsoft Silverlight, more and more companies are focusing on providing HTML5 alternatives. The industry is moving away from browser plugins and towards HTML5.

Furthermore, more and more browser vendors have spoken out against plugins. Today Chrome and Edge no longer supporting the Microsoft Silverlight plugin and Firefox will follow shortly. It is a matter of time until Adobe Flash will follow suit.

So, how to get on the “HTML5 wagon” and move forward?

We encourage everybody to consider the cost and impact of being targeted by an Adobe Flash exploit before deciding on what software they want to incorporate in their enterprise environment. There are alternatives available that make sure you do not have to deal with the Adobe Flash problem.

Opting for a video player solution based on HTML5 will enable you to stream to all modern browsers and devices, either desktop or mobile. This will remove the need to install any plugin such as Flash or Silverlight and simplifies your life as content publisher.


Let’s discover how we can provide a secure and stable solution for your online streaming. Or simply discover our demo zone.

Get in contact with us

Subscribe by email