Security

Adobe will kill Flash by 2020: No more updates, support, tears, pain...

Buggy multimedia nightmare won't see President Zuckerberg's inauguration

By Shaun Nichols in San Francisco

103 SHARE

Adobe has officially set a kill date for its beleaguered Flash.

The Photoshop giant said today it plans to end support for the hacker-prone multimedia browser plugin by the end of 2020. This means no more updates for Flash Player after that date and the end of support on many browsers, including Chrome, Internet Explorer and Edge, and Firefox.

Facebook also says it will shut off Flash games by the end of 2020, and is advising developers to change their FB games over to a different format.

"Where we’ve seen a need to push content and interactivity forward, we’ve innovated to meet those needs. Where a format didn’t exist, we invented one – such as with Flash and Shockwave," said a spokesperson for Adobe, which didn't actually invent either format.

"And over time, as the web evolved, these new formats were adopted by the community, in some cases formed the basis for open standards, and became an essential part of the web."

Programmers, designers and companies whose websites still rely on Flash (Google estimates that is about 17 per cent of all sites) are being encouraged to start planning now to transition to a more modern format, such as HTML5 and WebGL, though they probably should have already done that already.

The announcement will be welcome news for security professionals and administrators, as it is one less attack vector to worry about. The notoriously insecure Flash Player plugin has emerged in recent years as the favorite target for automated exploit kits due to both its prevalence and the large number of serious flaws lingering in the code.

In the meantime, however, it will be at least another three-plus years of dutifully patching Flash Player every month and advising users to either disable or at least make Flash content click-to-play in their browser settings. ®

Sign up to our NewsletterGet IT in your inbox daily

103 Comments

More from The Register

Microsoft emergency update: Malware Engine needs, erm, malware protection

Stop appreciating the irony and go install the patch now

Intel, Microsoft, Adobe release a swarm of bug fixes to ruin your week

Massive patch dump with 112 fixes... and that's just for the Photoshop giant

Exploit kit development has gone to sh$t... ever since Adobe Flash was kicked to the curb

Coinkidink? Nah. Crooks are switching tactics

Patch or ditch Adobe Flash: Exploit on sale, booby-trapped Office docs spotted in the wild

ThreadKit leverages flaw fixed in February

Adobe acquires Magento to go B2B2C and beyond

Experience Cloud to add commerce and content management facilities

Stop us if you've heard this one: Adobe Flash gets emergency patch for zero-day exploit

The internet's screen door gets kicked open once again

Dolby sues Adobe for dodging license fees

Updated Copyright case puts royalty model under the microscope

Nork hackers exploit Flash bug to pwn South Koreans. And Adobe will deal with it next week

Maybe it's a good time to just delete the thing

Adobe: Two critical Flash security bugs fixed for the price of one

Emergency patch lands, shuts pair of remote exploitable holes, one used by Norks

Microsoft patched more Malware Protection Engine bugs last week

Redmond's out-of-band advisory landed after the bugs were fixed