Adobe will kill Flash by 2020: No more updates, support, tears, pain...

Buggy multimedia nightmare won't see President Zuckerberg's inauguration

By Shaun Nichols in San Francisco

Posted in Security, 25th July 2017 16:43 GMT

Adobe has officially set a kill date for its beleaguered Flash.

The Photoshop giant said today it plans to end support for the hacker-prone multimedia browser plugin by the end of 2020. This means no more updates for Flash Player after that date and the end of support on many browsers, including Chrome, Internet Explorer and Edge, and Firefox.

Facebook also says it will shut off Flash games by the end of 2020, and is advising developers to change their FB games over to a different format.

"Where we’ve seen a need to push content and interactivity forward, we’ve innovated to meet those needs. Where a format didn’t exist, we invented one – such as with Flash and Shockwave," said a spokesperson for Adobe, which didn't actually invent either format.

"And over time, as the web evolved, these new formats were adopted by the community, in some cases formed the basis for open standards, and became an essential part of the web."

Programmers, designers and companies whose websites still rely on Flash (Google estimates that is about 17 per cent of all sites) are being encouraged to start planning now to transition to a more modern format, such as HTML5 and WebGL, though they probably should have already done that already.

The announcement will be welcome news for security professionals and administrators, as it is one less attack vector to worry about. The notoriously insecure Flash Player plugin has emerged in recent years as the favorite target for automated exploit kits due to both its prevalence and the large number of serious flaws lingering in the code.

In the meantime, however, it will be at least another three-plus years of dutifully patching Flash Player every month and advising users to either disable or at least make Flash content click-to-play in their browser settings. ®

Sign up to our NewsletterGet IT in your inbox daily

103 Comments

More from The Register

Microsoft emergency update: Malware Engine needs, erm, malware protection

Stop appreciating the irony and go install the patch now

Exploit kit development has gone to sh$t... ever since Adobe Flash was kicked to the curb

Coinkidink? Nah. Crooks are switching tactics

Patch or ditch Adobe Flash: Exploit on sale, booby-trapped Office docs spotted in the wild

ThreadKit leverages flaw fixed in February

Dolby sues Adobe for dodging license fees

Updated Copyright case puts royalty model under the microscope

Nork hackers exploit Flash bug to pwn South Koreans. And Adobe will deal with it next week

Maybe it's a good time to just delete the thing

Adobe: Two critical Flash security bugs fixed for the price of one

Emergency patch lands, shuts pair of remote exploitable holes, one used by Norks

Microsoft patched more Malware Protection Engine bugs last week

Redmond's out-of-band advisory landed after the bugs were fixed

Adobe emits emergency patch for Flash hole malware is exploiting right this minute

Windows folks – how can we say this? UPDATE ASAP

Adobe: New Unified Customer Profile will personalise ads as never before

Adobe Summit Cloudy marketing tools get AI powers... what do you mean, bad timing?

NBD: Adobe just dumped its private PGP key on the internet

Updated Change the name to A-d'oh!-be