5 recommendations |
Top ten security vulnerabilities most exploited by hackers |
|
therube join:2004-11-11 Randallstown, MD
3 recommendations |
Flash? Is Flash still enabled, by default, in browsers? Is it even used anymore, anywhere? Exploits against Windows? Get real! Everyone uses Windows 10 which is impervious, impervious I say. And that's no fake news! And even if IE were exploitable, it's not even used anymore. Everyone from Win7 & up uses Edge. (What do you mean that Edge isn't available in Win7? Yet .) In a Mozilla browser, older Flash are regularly blacklisted, so even if one were to have an ancient version installed... (Not to mention that Flash updates itself, by default. And Win10 "updates" itself too - even if you don't want it :evilgrin:.) Aren't IE updates included in MS's monthly "security updates"? So why are old versions of IE still about? Unless they're talking about IE6. |
|
Kiwi88 Premium Member join:2003-05-26 Bryant, AR
1 recommendation |
to OldNavyGuy
Developers still have an issue getting over Flash & Java, if the updated format was used (HTML5) nobody would still be raising the dino code. |
|
|
Commercial websites aren't going to retool unless they have to. |
|
cramer Premium Member join:2007-04-10 Raleigh, NC Westell 6100 Cisco PIX 501
5 recommendations |
to therube
said by therube:Flash? Is Flash still enabled, by default, in browsers? Is it even used anymore, anywhere? Hate to break it to you, but, yes, flash is still everywhere. And absolutely necessary to get certain things done. (don't let vmware fool you, their HTML5 UI is not "feature complete" -- or "good" for that matter.) |
|
Kiwi88 Premium Member join:2003-05-26 Bryant, AR |
to OldNavyGuy
You are right, economics. However, that's exactly how these problems continue into perpetuity. I spent years getting blasted around here from Java & Flash lovers, certainly both coding methods do what was intended, sloppy code though is still an acceptable standard and practice after a good decade of knowing why they are pitfalls. in a work environment, people are stuck, but this continues because both coding methods are largely aimed at non techie types, who just want [//cc] there children's educational game to work.
Adopting updated software is a real problem, proprietary based systems that require them, very old hardware, still runs them and the cost factor typically implodes well thought out advances in problem solving these two "Flash & Java" perpetual problems. Nobody is in a hurry to hold failure to the fire. |
|
ashrc4 Premium Member join:2009-02-06 australia |
ashrc4
Premium Member
2019-Mar-20 6:10 pm
I wouldn't use java and flash together in a comparison when talking exploitation.
Java had multiple times large amounts of code altered in order to stem off exploits and has a different environment/dynamic/exploit vectors to that of flash. |
|
Kiwi88 Premium Member join:2003-05-26 Bryant, AR
1 recommendation |
Kiwi88
Premium Member
2019-Mar-20 10:17 pm
They are both rudimentary code, utilized by lazy programmers. The years of issues prove it. Not to say they are alone, but both have had a substantial impact, more so than other software that's developed, in a negative working environment. I'm not picking one over the other, comparatively they both fail. |
|
3 recommendations |
Wonder if these exploits are performed when users are running under an Admin or Standard User account? |
|
Kiwi88 Premium Member join:2003-05-26 Bryant, AR |
Kiwi88
Premium Member
2019-Apr-8 12:21 am
Don't think it matters. |
|
mackey Premium Member join:2007-08-20 |
to cramer
said by cramer:Hate to break it to you, but, yes, flash is still everywhere. No, it's not. Perhaps some niche applications which couldn't be bothered to keep their stuff up-to-date still use it, but for the average user it is completely unnecessary. Personally I've been completely 100% Flash free and haven't noticed anything not working. |
|
3 recommendations |
to cramer
said by cramer:Hate to break it to you, but, yes, flash is still everywhere Not exactly...a couple of studies below. One year ago - 5% of all sites. » www.bleepingcomputer.com ··· ars-ago/As of this month - 3.6% of all sites. » w3techs.com/technologies ··· /all/all |
|
cramer Premium Member join:2007-04-10 Raleigh, NC Westell 6100 Cisco PIX 501
2 recommendations |
cramer
Premium Member
2019-Apr-8 11:47 am
I'm not talking about random internet websites. I'm talking about commercial / business applications. Have VMware? There will be parts requiring the old flash interface -- and others are significantly faster in the flash ui. (their own engineers used the C# client right up to the day it stopped working -- v6.5) Have some old-ish Sun/Oracle, Dell, HP, IBM, etc. gear? Flash, and java, exist in many of those apps. |
|
|
When Adobe drops support completely for Flash (Shockwave Flash support ends in 2020), they will be vulnerable.
I doubt that will be tolerated by customers who purchased those commercial/business applications. |
|
2 recommendations |
to OldNavyGuy
The number one entry should be "boneheaded users gullibily giving away their personal info" |
|
Phoenix22Death From Above Premium Member join:2001-12-11 SOG C&C Nrth
2 recommendations |
to OldNavyGuy
» helpx.adobe.com//shockwa ··· faq.htmlEnd of Life for Adobe Shockwave Applies to: Shockwave Player Frequently Asked Questions (FAQ) for End of Life of Adobe Shockwave Effective April 9, 2019, Adobe Shockwave will be discontinued and the Shockwave player for Windows will no longer be available for download. |
|
|
4 recommendations |
said by Phoenix22:Effective April 9, 2019, Adobe Shockwave will be discontinued and the Shockwave player for Windows will no longer be available for download Today is the day for Shockwave Flash. Enterprise customers get a little more time. I meant to say support ends for Adobe Flash at the end of 2020. Thanks for the correction. |
|
antdudeMatrix Ant Premium Member join:2001-03-25 US
2 recommendations |
antdude
Premium Member
2019-Apr-9 10:00 pm
said by OldNavyGuy:said by Phoenix22:Effective April 9, 2019, Adobe Shockwave will be discontinued and the Shockwave player for Windows will no longer be available for download Today is the day for Shockwave Flash. Enterprise customers get a little more time. I meant to say support ends for Adobe Flash at the end of 2020. Thanks for the correction. Flash should end earlier. :P |
|
Phoenix22Death From Above Premium Member join:2001-12-11 SOG C&C Nrth |
imho.................that would be just ducky!! |
|
intr0 join:2019-04-10 Reading, PA
4 recommendations |
to OldNavyGuy
Flash definitely should’ve pulled the plug a decade or so ago. At least actors like Mozilla stopped packaging it with those other icky plugins. The new secure ://web-ext protocol will see creative talent flourishing from individual devs and small teams instead of Adobe, Microsoft, Google, etc. |
|
therube join:2004-11-11 Randallstown, MD |
therube
Member
2019-Apr-10 10:45 pm
(Mozilla never packed Flash. Don't really recall it "packaging" any Plugins. Though these days, while it doesn't package, it does shortly after first run, download (& install) GMPs.) |
|
intr0 join:2019-04-10 Reading, PA |
intr0
Member
2019-Apr-10 11:05 pm
Up until 2015. I can find the CVE if you’d like. Firefox uses (on Linux versions) an open media codec from Cisco. Don’t recall the name - H264 I believe.Firefox/ Mozilla installs GIMP? Firefox? Huh. |
|
2 recommendations |
On my Windows 10 system, it's the OpenH264 Video Codec. This plugin is automatically installed by Mozilla to comply with the WebRTC specification and to enable WebRTC calls with devices that require the H.264 video codec. Visit »www.openh264.org/ to view the codec source code and learn more about the implementation. |
|
AnavSarcastic Llama? Naw, Just Acerbic Premium Member join:2001-07-16 Dartmouth, NS
2 recommendations |
to OldNavyGuy
#1 - Click on a phishing thread entitled top ten security vulnerabilities most.............. |
|