Flash has long been at the heart of a debate over usability and security. The media player has long been used for everything from Youtube to online games, but it has often by problems with even the fixes containing problems. As a result, people are being told to avoid using the tool and instead using HTML 5, seems like we have yet another reason to listen given the latest patch to try to fix a code-execution bug.
By code-execution bug, we mean that it would be possible to execute code remotely, meaning they could quickly perform actions without your knowledge or say. This exploit is a rather large one, enabling a whole host of problems from the get go rather than others with specific purposes or problems.
The zero-day vulnerability was found by Anton Ivanov, a member of Kaspersky Lab, and was credit as such. Kaspersky Lab researchers have been observing the vulnerability and had seen it used in “a very limited number of targeted attacks”.
With so many vulnerabilities, it comes as no surprise that people are trying to steer away from using Flash. We recommend that if you don’t actively use the tool you remove it from your system, something that could only improve your security given flash’s checkered past. If you do use Flash, then we recommend that you update it now and make sure that you keep checking for security patches.