Flash must be close to the top in insecurity. It seems like barely a month goes by without another vulnerability being found. Wordpress is close by, and php pretty bad.
I can live without Wordpress (this blog doesn't use it) and php (I use perl). But so much of what I need to do, requires Flash. Even a security site that I used to use for checking my compliance with PCI DSS (the Payment Card Industry's Data Security Standard) uses Flash. I'm glad to say, I don't use that site any more. My main use of Flash is youtube - yes, I'm a youtube addict. I use it like Radio 4, playing in the background. I watched The Knowledge recently. I watch Colin Furze's latest lunacies. I worked my way through all the Jeeves and Wooster (Fry and Laurie) series. So I need to keep my Flash updated, to avoid the constant series of vulnerabilities.
I was on version 11.2.202.521, and I need to update to 11.2.202.540 (and so do you). It's always a hassle.
In addition, I don't let Flash play automatically. Because if I did, and I accessed something that exploited the latest vulnerability, then I'm in trouble. Instead, I make it ask me each and every time it wants to play, which is a minor nuisance, but I think worth while.
The price of security is eternal vigilance.
Nice post!
ReplyDelete"I can live without Wordpress (this blog doesn't use it) and php (I use perl). But so much of what I need to do, requires Flash" - absolutely all the same with me.