In July 2017, Adobe announced that it would no longer distribute or update Flash Player as of Dec. 31, 2020. Adobe decided to stop supporting Flash Player because HTML5 and other open standards are better alternatives for interactive web content and animations. The major browser vendors favor these open standards over plug-ins such as Flash Player.
Flash Player has a long and troubled history. First released by Macromedia in 1996, Adobe acquired Flash Player in 2005. The software has been plagued by security vulnerabilities that Adobe has sometimes been slow to patch. What’s more, Adobe doesn’t require upgrades to the latest version, so there are many old versions still installed.
Adobe will remove the Flash Player download pages from its website as of Jan. 1, 2021, and Flash-based content will be blocked from running in Flash Player. Additionally, Microsoft operating systems and the Edge and Internet Explorer browsers will no longer support Flash Player. Google has been phasing out support for Flash in its Chrome browser since 2017 and will remove it by the end of 2020.
What does this mean for your environment? There are four primary takeaways:
Migrate your Flash-based content ASAP. If your business relies on Flash-based content, you should begin working now to migrate that content to an alternate technology. Given the short time remaining before the end-of-life date, Adobe partner HARMAN will be offering some options during the transition. HARMAN may provide support for Flash running in an internal environment not accessible from the Internet, and enable you to create downloadable applications for distribution to external users.
Uninstall Flash Player in your environment. In February 2020, Adobe provided systems administrators with the option to selectively permit Flash Player to run on certain websites. Any use of these “whitelisted” domains after Dec. 31, 2020, will be at your own risk. Although most browsers will block Flash, the best course of action is to uninstall it throughout your environment to eliminate any security threats.
Determine if you have any other end-of-life software. As you’re working to remove Flash Player, you should look for any other end-of-life software that may be installed. For example, Office 2010 is no longer supported as of Oct. 13, 2020. Although end-of-life software will still function, it poses a significant security threat because security patches and updates are no longer issued by the publisher. Hackers actively look for unsupported software in order to exploit vulnerabilities.
Remember to promptly patch and update all software in your environment. Many organizations focus on Windows updates, but most cyberattacks exploit non-Windows software. Given the sheer number of patches that are published, you need a well-thought-out strategy for tracking them and applying them promptly. The longer you wait to install patches and updates, the greater the security risk. A recent ServiceNow study found that 60 percent of breaches were linked to a vulnerability where a patch was available but not applied.
SSD Is Here to Help
The experts at SSD Technology Partners can conduct a thorough assessment of your environment to determine what software is installed, which versions and patch levels, and other information needed to identify potential risks. We can then help you develop a plan for removing unneeded and unsupported software to streamline your environment and minimize security threats.
Through our Assurance program, we can keep your environment up-to-date with the latest security patches and bug fixes so that you don’t have to. Let us help you transition away from Flash Player and ensure that all your software is supported and patched.