Goodbye Adobe Flash

Discussion in 'other security issues & news' started by Securon, Jul 16, 2015.

  1. PallMall

    PallMall Guest

    I've removed Adobe's Flash system-wide mid-August (last version in my software archives is 18.0.0.209) and I manage well without it. Most sites handle HTML5, yet not all, pity for them because they're late when I am not. I've also noticed a strange site behavior: when I had Flash (as a plug-in on Firefox) and disabled it, some sites refused to run without it even though they were HTML5 ready, but once Flash was removed those same sites ran HTML5 flawlessly. Odd.
    Whatever, everyone (I mean the pros included) knows Flash is archaic, indiscreet and dangerous. The greater the number of users who have removed it completely from their system, the faster lazy webmasters will update their sites.
     
  2. wiwul

    wiwul Registered Member

    Joined:
    Aug 9, 2008
    Posts:
    138
    Hi folks,
    As for Flash I am not an expert. One time I read about Flash being replaced by HTML5 and one shouldn't install Flash anymore because -allegedly- it contained too many vulnerabilities. So, whilst installing Windows 10 from scratch I skipped installing Flash. However, I came across decent sites that required Flash, e.g. Speedtest, or a site dealing with statistics. Am running Firefox so there is no Flash included. So, I installed it from the Adobe site.
    Now, only later I discovered that Microsoft Edge includes Flash, so I could have been using Edge for those few occasions.

    Q: Edge and Chrome - they include Flash - are they then as vulnerable as Firefox with a separate Flash install?

    Seems to me that a 0-day-vulnerability is valid for either Flash version, built-in or separate install?
    I am considering just leaving it installed, rather than restoring a previous Windows image that doesn't include Flash.

    Appreciate your views.

    Thanks!
    =
    Software used: Windows 10 x64 Pro, Emsisoft Internet Security, Malwarebytes AntiMalware,
     
  3. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,629
    I still use Flash, and have even installed it on my Android phone. In my opinion it does not provide a significant security risk having it enabled. Not so long ago, I disabled it in my Chrome based browser (360 Extreme Explorer) after reading a post here that mentioned reduced RAM usage with it disabled. However, I soon enabled it again, as some sites require Flash. Personally, I'd much rather have all websites load correctly, rather than disabling Flash and breaking some sites, as I don't believe it poses a significant security risk for me.
     
  4. RJK3

    RJK3 Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    862
    @wiwul a simple way to manage the risk in Firefox is to set Flash in Addons to 'Ask To Activate', and whitelist sites you trust.
     
  5. wiwul

    wiwul Registered Member

    Joined:
    Aug 9, 2008
    Posts:
    138
    Thank you both - roger_m and RJK3.
    @RJK3 - note that I installed Flash this morning. Then whilst writing my above posting, I noticed that Emsisoft taskbar icon/button was gone (wanted to check what version was installed). I tried launching Emsisoft a few times clicking on the desktop icon, got the spinning circle for a few seconds, but nothing happened, it wasn't launched and no taskbar button. Emsisoft was running though (taskmgr).
    Also, whilst browsing, I saw a black pop up warning flashing - but I could not read the contents - it was gone too quickly.

    All in all, I decided to restore Windows image I created a few days back. So, at this point, Flash isn't installed.
    Now you say that there is something in Firefox addons...? whitelist ?

    Note that before restoring the image, i.e. with Flash installed, I checked the add-ons page within Firefox, but there was no 'Flash' there.
    (I don't know if it should be listed there though..., maybe not)

    @roger_m: I should decide whether, for the sites that require Flash, I should jump to Edge.
    Edge looks nice, but as long as it does not accept 3rd party password managers, such as Roboform, well, I will not use it.
    (I much dislike the Chrome interface, frankly speaking; I gave it a try a few times, but I went back to Firefox)

    =
     
  6. RJK3

    RJK3 Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    862
    Addons > Plugins
    It's best practice to have vulnerable plugins "Ask to Activate" or Disabled, and the latter can improve performance if there are many plugins.

    Re: Emsisoft, my only suggestion would be checking if the notification icon was hidden after a moment of inactivity.
     
  7. Rolo42

    Rolo42 Registered Member

    Joined:
    Jan 22, 2012
    Posts:
    571
    Location:
    USA
    "Being" yes, but not "has been" replaced. HTML5 isn't even fully supported by any browser yet and it definitely isn't fully implemented by the Internet.

    By that logic, one shouldn't even install Windows. Install what you use, ditch what you don't. We mitigate vulnerabilities, not eliminate them. Don't be a cyberchondriac. (Is that a word? It should be a word, 'cos it's a thing.)

    I can't imagine a 3rd party keeping Flash up-to-date (first line of defence) better than Adobe. Adobe checks every hour; Chrome doesn't, despite its having its own update process running all the time.
     
  8. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,883
    Location:
    Slovenia, EU
  9. jpcummins

    jpcummins Registered Member

    Joined:
    Feb 20, 2006
    Posts:
    630
    Location:
    Terre Haute, IN
    Currently I have installed on my system 1) Adobe Flash Player 19 NPAPI, 2) Adobe Flash Player 18 ActiveX and 3) Adobe Shockwave Player 12.2. I have absolutely no idea what the NPAPI or the ActiveX following Adobe Flash Player means. Is it necessary for all of these to be on my system? If not, which ones would you recommend I remove? I should add I am still using Windows XP Professional, 32 bit, and I use primarily Firefox as my browser. As always I would appreciate all replies and would thank you in advance.



    John
     
  10. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,789
    jpcummins,
    On XP and Win7,
    - NPAPI is a plugin for SeaMonkey (plugin container), Firefox, Opera v12 (plugin wrapper). Keep it, but in the browser settings make sure it's set to ASK TO ACTIVATE, helping you avoid scumware displays.
    - ActiveX is an ActiveX control for IE. Don't know where the settings are since I don't use IE.
    - "Shockwave" name confused me, but that's what SeaMonkey calls it in its Add-ons/Plugins page, even though it's NPAPI.

    In windows/system32/Macromed directory you will see exactly what and what versions you have.
     
  11. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    Actually if the version number is correct, that is actually Adobe Shockwave, not "Shockwave Flash".
     
  12. Compu KTed

    Compu KTed Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,412
    @jpcummins
    Location of Flash Player install in XP.
    C:\WINDOWS\system32\Macromed\Flash

    Adobe flash player .exe installer for IE. There is also available a .msi installer.
    Go to Add or Remove Programs and click on remove (Adobe Flash Player v# ActiveX)
    Go to C:\WINDOWS\system32\Macromed\Flash and delete the ActiveX.exe file if still present.
    Then there are all the registry entries left over even after uninstalling Flash.

    The Flash Player for Firefox would be listed as NPAPI in Add or Remove Programs
    and this is the one you would only need.

    NOTE: Recommend not using Internet Explorer and/or Flash ActiveX version on Windows XP.
    Vulnerable to exploits.
     
  13. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    8,003
  14. Alec

    Alec Registered Member

    Joined:
    Jun 8, 2004
    Posts:
    480
    Location:
    Dallas, TX
  15. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,883
    Location:
    Slovenia, EU
    http://threatpost.com/exploit-writing-and-mitigation-going-hand-in-hand
     
  16. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,883
    Location:
    Slovenia, EU
  17. Compu KTed

    Compu KTed Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,412
    Adobe Flash Player Distribution 3 .html

    This page and the download links will be decommissioned on January 22nd, 2016.
    This page also includes downloads for the Extended Support Release (ESR)
     