Security News > 2020 > October > Adobe fixes critical security vulnerability in Flash Player
Adobe has released a security update for a critical remote code execution vulnerability in Adobe Flash Player that could be exploited by simply visiting a website.
Adobe Flash has long been a source of security vulnerabilities that allow attackers to install malware, execute commands, and takeover of computers when visiting malicious websites.
These problems will end soon as Adobe, in coordination with Apple, Microsoft, Google, and Mozilla, is retiring Adobe Flash at the end of the year.
Starting on December 31st, 2020, Adobe will no longer distribute or update Adobe Flash Player, and web browsers will no longer support the Adobe Flash Plugin.
The deprecation of Adobe Flash Player is good news as it will reduce the attack surface of web browsers and operating systems and remove a point of entry that can be exploited by attackers.
News URL
Related news
- Critical Next.js Vulnerability Allows Attackers to Bypass Middleware Authorization Checks (source)
- Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927) (source)
- Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication (source)
- CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825) (source)
- Mozilla Patches Critical Firefox Bug Similar to Chrome’s Recent Zero-Day Vulnerability (source)
- Still Using an Older Version of iOS or iPadOS? Update Now to Patch These Critical Security Vulnerabilities (source)
- Adobe Patches 11 Critical ColdFusion Flaws Amid 30 Total Vulnerabilities Discovered (source)
- Gladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability (source)
- Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence (source)
- Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution (source)