For two decades, Adobe Flash has worked behind the scenes, letting people watch animations, view and listen to streaming content, and play interactive games through their web browsers. The Flash platform delivers the content, while the Flash Player (a web browser plugin) enables users to access it. However, the end is near for Flash. Adobe announced that it will no longer support the Flash platform and plugin starting in 2021.Adobe’s announcement is not too surprising. Although Flash was once a pioneering technology, it has been on a downhill trend because of reliability, performance, and security issues. Most notably, cybercriminals like to exploit the security vulnerabilities in Flash Player because of its wide distribution and the fact that many users do not patch or install newer versions of this free software. Plus, there are now faster and more secure web technologies that provide the same capabilities (e.g., HTML5, WebGL, WebAssembly).
What to Expect
Adobe will continue to support Flash until it reaches the end of its life. Specifically, Adobe will provide security updates for Flash Player through 2020 via its monthly security patching cycle. These updates will patch newly discovered security vulnerabilities, but they won’t introduce any new features in the plugin. Adobe Flash Player 126.96.36.199, which was released on August 8, 2017, was the first of these updates.Adobe will also continue to work with the providers of operating systems (OSs) and web browsers that currently allow Flash content (e.g., Google, Microsoft, Linux). For instance, Adobe will provide them with regular security updates as well as maintain OS and browser compatibility. However, some of these providers have already begun phasing out Flash. For example, Google has already disabled the Flash Player by default in its Chrome web browser (version 56 and higher). Starting in October 2017, Chrome users will need to explicitly allow the player to run on Flash-based sites they have never visited before.Finally, Adobe will continue to support its Flash platform, as web developers and designers migrate their existing Flash content and functionality to alternative web technologies, such as HTML5 and WebGL.
What You Need to Do
What you need to do to prepare for Flash’s demise depends on how your company uses it.If your business’s only usage is employees running Flash Player when visiting websites, you just need to make sure that all security updates are being installed on employees’ computers, including those released by Adobe, your OS provider, and your web browser provider. These security updates will patch any newly discovered Flash Player vulnerabilities so that cybercriminals cannot exploit them to gain access to your business’s data or systems. It is also a good idea to educate employees about risky web browsing habits. For instance, if your employees use Chrome, you should let them know about the dangers associated with allowing the Flash Player to run on websites they have not visited before.If your business has a website that delivers Flash content, you will need to take additional action. The site will need to be modified so that it utilizes alternative web technologies. It will take time to migrate to those technologies, so you should start the process sooner rather than later.
Not Sure How Your Business Is Using Flash?
If you are uncertain about the extent in which your business is using Flash, we can make an assessment. We can also recommend ways to make sure that all the necessary security updates are being installed on your employees’ computers. This is important to patch not only Flash-related susceptibilities but also vulnerabilities found in other software running on their machines.