Flash Is Vulnerable – No Fix Coming

Flash Is Vulnerable – No Fix Coming

flash-failThere is a gaping security hole in Flash, that according to ComputerWorld’s Gregg Keizer “can exploit a flaw
 to compromise nearly every Web site that allows users to upload content, including Google’s Gmail, then launch silent attacks on visitors to those sites.”

Not good. But it gets worse.

So. Much. Tech.

Some of the biggest names in tech are coming to TNW Conference in Amsterdam this May.

Adobe has acknowledged the problem, and has promised nothing. No patch, no quick fix, nothing but a thumb of the nose. Adobe has made it plain that websites and their creators are responsible for their security.

That sounds like GM saying drivers are responsible for exploding gas tanks. This is a big, bad problem. Expect to see backlash to Adobe, and some fix in the pipeline. If not, a large swath of the internet is now very, very insecure.

Mike Murray of Foreground Security said it well: “Any site that allows user-uploadable content is vulnerable, and most are not configured to prevent this.”

H/T @MichaelKlurfeld for the tip.

Read next: Bing UK Goes Live

Shh. Here's some distraction