back to article Hackers exploit fresh PC hijack bug in Adobe Flash Player, the internet's screen door

Adobe is advising users and administrators to patch its Flash Player after yet another remote-code execution vulnerability was discovered in the plugin. The patch fixes bug CVE-2015-3113, which allows attackers to take control of a system if it opens a malicious Flash file. Miscreants are exploiting the flaw in the wild to …

  1. chivo243 Silver badge
    Alert

    So the internet is actually

    Under water? Adobe is the screendoor on the submarine! All hands on deck!

    1. Anonymous Coward
      Anonymous Coward

      Re: So the internet is actually

      Has been for years, why do you think they call those country-to-country links submarine cables?

      1. Mad Chaz
        FAIL

        Re: So the internet is actually

        No No No No. We all know the internet is a bunch of tubes. And what's in tubes? Water!

        So our problem is adobe sprung another leak ...

        1. gollux

          Re: So the internet is actually

          Actually, the internet is a bunch of bongs. It's all that haze that keeps the programmers at Adobe from getting it right.

          1. Anonymous Coward
            Anonymous Coward

            Re: So the internet is actually

            The cloud suddenly sounds much more appealing.

  2. elDog

    Another boring day at the office for sysadmins

    And another opportunity for users to rebuild their systems, or better yet just get a brand spanking new one!

    One with Windows and Adobe pre-installed.

    Ahhhh. I think I see a pattern here.

  3. Mike Bell

    Kill it with fire

    A stake through the heart won't do.

    1. kain preacher

      Re: Kill it with fire

      It's going to take ancient magic to kill that thing. Fire will just give it a tan.

      1. TeeCee Gold badge

        Re: Kill it with fire

        Are we talking deeper magic from before the dawn of time here?

        1. kain preacher

          Re: Kill it with fire

          "Are we talking deeper magic from before the dawn of time here?"

          Yes

    2. Dave 32
      Mushroom

      Re: Kill it with fire

      It needs to be nuked from orbit!

      Dave

      P.S. Why, oh, why, if they can't maintain it, don't they open source it, and let some competent programmers fix it correctly?

  4. x 7

    so are there any other flash players still available that are still maintained and are more secure?

    1. Six_Degrees

      No; Flash is proprietary.

      There are, however, alternatives available that do away with Flash altogether, like HTML 5. Adobe is apparently just not up to the task of writing capable software.

      1. e_is_real_i_isnt

        The problem is a little farther up the foodchain

        It's really MS that should be fixing their OS to sandbox the applications more than Adobe being responsible for the effectiveness of attacks built on the OS.

        I have no love for Flash, going back to the 56k dialup and having to download a new Flash version practically every time a new animation or video came out. I wonder if the Macromedia guys are still involved.

    2. Flocke Kroes Silver badge

      Alternatives

      gnash

      1. This post has been deleted by its author

      2. Not That Andrew

        Re: Alternatives

        While the project seems active, there hasn't been a release in years. The sort of person who actually needs gnash is usually not up to the task of downloading the git repo and compiling it from source. And is also usually not interested in installing a Linux distro which may or may not have a recent package for gnash

  5. jonnycando
    Mushroom

    Adobe ought

    ......to just stop publishing Flash. It would be honorable. And in the long run cheaper than constant patching.

    1. Anonymous Coward
      Anonymous Coward

      "stop publishing Flash"

      Don't disagree, but its not the answer unfortunately. We need all the crappy Flash dependant websites to dump it instead! I'm talking here about everything from the BBC to Twitch. Why do they still force Flash on us? Why can't they move to HTML5? YouTube did! Add to which, every single one of my wife's online courses requires Flash and many Java too. WTF? This is A1-Sh1t website design, but hey there's no punishment for mediocrity on the interweb...

    2. Doctor_Wibble
      Flame

      Re: Adobe ought

      Agreed but there's a whole bunch of stuff that is completely dependent on it.

      My simple question is why the fck does it take a fcking Flash app to view a simple fcking phone bill for fcks sake?

      It is a static list that does not need anything done to it except be displayed on a web page which as far as I recall has only been possible for the last 20 years or so. That said, I can sort of understand why this might a difficult concept for people who have trouble understanding things if they aren't displayed on an interactive twinkly multi-coloured sparkly customisable background.

      Flash only makes things better if you keep a non-flash version available. It's not luddism, it's practicality.

      edit: I suspect my annoyance may be slightly apparent...

  6. David Austin

    Meh

    No issue here - our shop went Adobe free, after the security holes in Flash and reader, and the rental Bollocks in Adobe CS.

    Designers did moan a bit, mind.

    Ah well; fuck 'em,

    1. Joey M0usepad Silver badge

      Re: Meh

      but how do you watch iplayer on your lunch break?

  7. Anonymous Coward
    Anonymous Coward

    Whilst ever

    the great unwashed can watch u-tube and the other eleventy million video sites using flash, Adobe have no reason to ditch it. It is down to the webmasters to implement HTML5 and then force adobe to do something.

    1. PassiveSmoking

      Re: Whilst ever

      Youtube went HTML5 by default a few months back and only uses Flash as a fallback for browsers that don't support HTML5 video.

      If you're still getting Flash on Youtube and your browser isn't from the paleozoic era then maybe you need to toggle your settings.

      https://www.youtube.com/html5

  8. Blank-Reg
    Mushroom

    Just bin the bloody thing. I've not had it installed this past 6 months and the biggest thing I noticed is that some ads are replaced with an Install Flash Player icon.

    Bliss

    1. Anonymous Coward
      Anonymous Coward

      re: Bliss

      > ... some ads are replaced with an Install Flash Player icon.

      >

      > Bliss

      Just install AdBlock (and consider a few other goodies too) and you'll see even fewer annoying ads!

      It's worth the effort to figure it out.

      If ads are annoying and a potential hazard, I have no qualms about blocking them.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like