Google Chrome to Kill Flash for New Version of Chrome

chrome-flashThis coming September, Chrome 53 will effectively begin to block Flash. According to Google’s Chrome blog, Google plans to push Adobe Flash Player out the door at the end of the year with a new version of its Chrome web browser. Google said it plans to release Chrome 55 in December, and will replace Flash with HTML5, which is a lightweight, plugin-free alternative to Adobe's multimedia software platform. The move will be done to improve security, as well as reduce power consumption and page load times.

In 2015, Google introduced “intelligent pausing”, a click-to-load feature in Chrome that automatically halted the playback of content—including Flash animations—to save on data and power. The content usually involves advertisements and autoplay sidebar videos on websites that slows down page loads and were deemed inessential. The auto pause feature dramatically improved web browsing speed and significantly reduced power consumption. The choice, however, remained optional as paused content could be resumed with a mouse click. With the feature, Google said that “the only change you’ll notice is a safer and more power-efficient browsing experience”.  

Flash has seen a prolonged depreciation in the decades that followed its popularity. The pace of its decline arguably accelerated when Apple banished Flash from its devices, and the constant stream of security issues and its massive consumption of device resources have prompted sites to switch from using Flash to HTML5 for graphics and animation.

[READ: The Adobe Flash Conundrum: Old Habits Die Hard]

Flash has had a lot of security issues, but it could also be attributed to its popularity and ubiquity. Because support for the platform has long been a part of popular web browsers from Microsoft's Internet Explorer to Mozilla Firefox and Google Chrome, it has become a popular target for exploits that repeatedly exposed users to threats. In 2015, several Flash vulnerabilities, including the discovery of two zero-day vulnerabilities within the first few weeks of the year were found. Trend Micro reported the first, which affected users of Adobe Flash Player for Microsoft Windows, toward the end of January. At the beginning of February, another zero-day Flash exploit was discovered, this time for malvertisements.

Overall, Flash’s history of vulnerabilities highlights the importance of ensuring that systems and software are up-to-date. However actively Adobe has been working on Flash security, the constant string of security issues that have plagued Flash for years show why online platforms should move on to a safer alternative. Exploit kits—packets of code that take advantage of these browser vulnerabilities—have used Flash to attack countless sites that could ultimately lead to a malware or ransomware infection.

For the time being, Adobe is working towards retiring Flash, but has repeatedly warned that it cannot happen overnight. Meanwhile, Google is keen to point out its ongoing relationship with Adobe. “Flash helped make the Web a rich, dynamic experience, and shaped the modern set of web standards. We continue to work closely with Adobe to ensure that your web transition is as fast and as secure as possible to help the Web transition to HTML5”.
HIDE

Like it? Add this infographic to your site:
1. Click on the box below.   2. Press Ctrl+A to select all.   3. Press Ctrl+C to copy.   4. Paste the code into your page (Ctrl+V).

Image will appear the same size as you see above.

Опубликовано в Vulnerabilities & Exploits, Internet Safety, Exploits