Flash is dying, with both Microsoft and Google trying to push the flash out of their browsers. Apple isn’t using Flash for years, making the technology to slowly fades from the internet. Nevertheless, Adobe continues releasing security patches for the Flash Player on a regular basis. The last batch of security updates for the Flash Player, Adobe Reader, and Acrobat brings lots fixes for critical vulnerabilities found in the three products.

the-long-road-to-adobe-flash-player-24-for-linux-511108-2

The Adobe Flash Player update fixes 13 vulnerabilities in total; twelve of them could lead to remote attacks, and one could allow hackers to bypass security and collect user data. The Adobe Reader and Acrobat updates patched more than two dozen vulnerabilities (29 to be more specific) found in Adobe versions 1.0.18 and earlier.

Adobe stated that none of the security vulnerabilities has been exploited by hackers.

The latest security update installs Adobe Chrome extension, allowing users to convert whole web pages into PDF as well as the ability to open PDFs in Adobe Reader instead inside Chrome.

https://twitter.com/SwiftOnSecurity/status/818924404809879555

On the other hand, users are complaining that, after the update, they are prompted by Chrome to enable the said extension. Also, the extension comes with a tracking feature, giving Adobe means to collect basic information. The option is turned on by default, and it can be turned off by users. Adobe stated that collected data is completely anonymous and that it does not include URL data.