316 Flash Bugs Discovered And Fixed This Year
Adobe Flash's security and vulnerability flaws, as well as performance issues have rendered it all but dead. Now, the final nail in Flash's coffins is the revelation that 316 Flash bugs were unearthed and fixed in 2015.
Alarmingly, Q4 2015 saw Adobe fixed 113 bugs in totality. This number works out to 1.5 bugs per day or an average of 6.1 bugs in a week, which is dismal, to say the least, for a software that has been around for 18 years.
Flash has been in the news all year-round for all the wrong reasons and ends 2015 on a bleak note as well. Yet more critical vulnerabilities were discovered last week. On Tuesday, Dec. 28, Adobe released an emergency patch to counter the issues. One of the vulnerabilities, according to Adobe, is being exploited to wage attacks that could possibly enable the hacker to control the system.
"Adobe is aware of a report that an exploit for CVE-2015-8651 is being used in limited, targeted attacks. Adobe recommends users update their product installations to the latest version using the instructions referenced in the security bulletin," says the company in a blog post.
One would hope that this was the final security lapse and vulnerability found in Flash in 2015. However, judging by the 6.1 bugs per week average, we could be seeing one or two more flaws before 2015 wraps up.
Flash has faced several debacles in 2015, with several companies discarding the buggy software altogether. In January 2015, we reported that YouTube was dropping Adobe Flash in favor of the HTML5 player. YouTube also got rid of the Flash API and the Flash embeds.
A few months later in July, Facebook's Chief Security Officer Alex Stamos called for an "end-of-life date for Flash."
"It is time for Adobe to announce the end-of-life date for Flash and to ask the browsers to set killbits on the same day," said Stamos in a tweet at the time.
On Dec. 18, Facebook finally dropped Flash in favor of HTML5 as well. The company's move was prompted largely by the security risks associated with the software.
Joining YouTube and Facebook was Mozilla, which blocked the Flash plug-in for its Firefox browser.
The decline in use of Adobe Flash in the last five years is validated by a study conducted by web technology survey firm W3Techs, which reveals that the software's use on all sites fell from 28.5 percent in 2010 to less than 10 percent in 2015.
The demise of Flash is reflected by the fact that Adobe itself abandoned the name "Flash" for its animation tool's latest version.
The developer even said that, in the future, they are looking to "encourage content creators to build with new web standards and will continue to focus on providing the best tools and services for designers and developers to create amazing content for the web." In other words, Adobe too is distancing itself from Flash owing to the negative associations with the software.
If Flash keeps churning out bugs at this rate, come New Year's Day, we can expect three new vulnerabilities at the very least! Ensure you have an updated version of Flash to stay secure. You can check at this link.
It would be safer if you uninstall flash or simply run the software on your browser only when needed.
Will Flash surpass the number of bugs and fixes it warranted in 2015 in the ensuing year as well? If the software survives - yes, 2016 is a leap year and Flash has one more day to take advantage of it!