90% of you run an insecure version of flash
Last Friday, a new version of Adobe Flash came out which patched the most recent critical flaws in Flash Player. Yet because the update process isn’t automatic, most of you (YES YOU) have not updated your Flash Player in your web browser. The fact that Adobe makes the manual update process a pain to use and forces you to install yet another download manager and tries to get you to install yet another browser toolbar doesn’t help. The end result is that most of your computers are vulnerable to websites that display malicious flash content.
How do I know most of you are not updated? My visitor statistics for my blog tells me so. In fact, nearly 90% of you have not upgraded yet to Flash Version 10.0.32.18 and close to 25% of you are running an even older version of flash.
Looking at the trend from last Friday when the update was first made available to today, it looks like the adoption rate is slow and it will take a long time before three quarters of you are updated and 25% of you will probably never be up to date. And because more than 9 out of 10 computers in the world have Flash installed, it means that 80% of the world’s computer are vulnerable today and 20% of the world’s computers will always be vulnerable. When we factor in vulnerable versions of Adobe PDF Reader, it’s even worse.
| Day | Flash Player r22 | Flash player r32 |
| Last Friday | 72.24% | 3.68% |
| This Wednesday | 64.91% | 10.37% |
| Change | -7.33% | +6.69% |
So what can you do about this? Check your Flash version here and make sure it’s running at least version 10.0.32.18 as of 7/31/2009. While you’re at it, make sure you’re running the latest version of Adobe Reader as well. Bear in mind that you have to actively opt out of any bloatware that Adobe tries to push on you.
[...] Read the rest at DigitalSociety.org Categories: Adobe, Security, Security news Tags: Comments (0) Trackbacks (0) Leave a comment Trackback [...]
“most of you (YES YOU) have not updated your Flash Player in your web browser.”
I sure did. I don’t want Adobe’s updater to run on my computer but there is always a blogger or twelve to remind me to update this stuff. And I’m using Flashblock, too.
I heartily recommend Secunia’s PSI
This little app will warn when you need to update (third-party) software. And with the click of a button it sends you to the proper download page, or a description of the vulnerability.
Leave your response!
Twitter Feed
About Us
Digital Society is a digital think tank that believes culture and commerce are inseparable, that the digital economy flourishes when people are free and rights are secure, and that free markets free people.
Digital Society is an independent 501(c)3 non-profit organization, funded by donations from Jon Henke and from Arts+Labs. We advocate for a pro-culture, pro-commerce digital society through research, analysis and debate on emerging technology issues.
Reply Comments
Transparency and interactivity are trademarks of the Internet era, and we aim to foster them here at Digital Society. It is inevitable that some people will disagree with the technology policy positions we take. We want to have that constructive debate.
The Reply Comments feature gives our critics a chance to respond to our viewpoints and the Digital Society audience convenient access to competing arguments. Any time we directly challenge the views of an individual or a group on this site, the party in question may substantively respond in a guest post.
Please contact executive director Jon Henke by e-mail.
Subscribe
Daily Digest Email
Recent Posts