December 9, 2011

Two Zero-day Vulnerabilities Found in Flash Player

What else is new …

Lucian Constantin, writing for Macworld:

“Two newly discovered vulnerabilities in Adobe’s Flash Player can be exploited to execute arbitrary code remotely, according to advisories from the U.S. Computer Emergency Readiness Team (US-CERT) and various security research companies.”

When I bought my MacBook Pro earlier this year the one software item I purposely avoided installing was Flash player. It’s too much a CPU hog, and too riddled with security holes.

What am I missing out on? Inane YouTube videos and over-designed restaurant home pages.

I have a minor cheat going on, though, in the super Chrome browser from Google. Its built-in Flash player, which Google scrupulously maintains it to keep as up-to-date and exploit-free as possible, works well.

With a viable alternative available and repeated evidence of Flash player’s danger, why is anyone still using this relic from the wild west days of the Internet?