This week in computer security

Thanks for the info. :)
 
Joined
Aug 30, 2006
Messages
7,830
How many times i hear the news of the Flash Player has serious security issue?. I think someone should get fired for that.
 
Joined
Oct 19, 2006
Messages
1,028
Location
Malaysia
How many times i hear the news of the Flash Player has serious security issue?
That's why it's "This week in computer security". Stay tuned for more. :)

I agree with Apple and find Flash a PITA. It's always breaking and needing updates. Maybe someone can explain why it's so unstable…
Because Flash is written in a system programming language where it's possible for software developers to make lots of mistakes. It's virtually impossible to guarantee the absence of these kinds of security errors. The same problems apply to Apple too.
 
Last edited:
Joined
Mar 30, 2008
Messages
1,163
Location
Scandinavia
It's most of the times a combination of C, C++, and assembler (machine language) code. The problem with these languages is that instructions and the information they handle are equal as far as your actual machine is concerned. It's just a series of 0's and 1's. If one set of instructions handle some information incorrectly, the information can become instructions and hijack the process.
 
Joined
Mar 30, 2008
Messages
1,163
Location
Scandinavia
Here's a 2010 listing that ranks by number of severe vulnerabilites in common software (link):
1. Google Chrome (76)
2. Apple Safari (60)
3. Microsoft Office (57)
4. Adobe Reader og Acrobat (54)
5. Mozilla Firefox (51)
6. Sun Java Development Kit (36)
7. Adobe Shockwave Player (35)
8. Microsoft Internet Explorer (32)
9. RealNetworks RealPlayer (14)
10. Apple WebKit (9)
11. Adobe Flash Player (8)
12. Apple QuickTime (6) og Opera (6)
 
Last edited:
Joined
Mar 30, 2008
Messages
1,163
Location
Scandinavia
Yet, there's updates to flash nearly every month, and sometimes more often. AND it crashes and causes slowdown regularly... Clearly the Flash problems are not just about server vulnerabilities.
 
Joined
Aug 18, 2008
Messages
15,679
Location
Studio City, CA
Yes, I interpreted that as security vulnerabilities. I was writing about crashes and slowdowns (i.e. reliability, and performance) rather than security issues.
 
Joined
Aug 18, 2008
Messages
15,679
Location
Studio City, CA
Yes, I interpreted that as security vulnerabilities. I was writing about crashes and slowdowns (i.e. reliability, and performance) rather than security issues.

OK. Since you wrote "server vulnerabilities" I though you misunderstood what he meant by "sever vulnerabilities" (assuming that he really meant to write "severe...").

Not important.
 
That was a typo by me.

In defence of Flash, it's installed and running on pratically every computer in the world connected to the internet. It's interacting with video, graphics and sound. In addition it must validate and run "untrusted" virtual machine instructions from any website delivering Flash content to your webbrowser. It's pretty broad in scope so I don't imagine the engineers at Adobe has an easy job. :)
 
Joined
Mar 30, 2008
Messages
1,163
Location
Scandinavia
Another round of security updates:

Adobe Flash 10.2.152.26
- Fixes several critical security flaws

All Windows versions have also received critical security updates this week. Make sure to update both Flash and Windows if you don't have automatic updates enabled.
 
Joined
Mar 30, 2008
Messages
1,163
Location
Scandinavia
Joined
Nov 5, 2006
Messages
21,893
Location
Old Europe
Back
Top Bottom