nspluginwrapper

Sat Apr 23 13:21:14 UTC 2011

g wrote:
> latest flash is 10.2.159.1.
>
> anything prior has security and crash problems.

Craig White objected:
> the implication being that the specific version mentioned doesn't have
> known security and crash problems which I think both have been found to
> be incorrect implications.

JD asked:
> Well, have any security exploits been detected
> or publicized in latest version?

It is a truism that every non-trivial program has bugs in it. Adobe
Flash player merely seems to have way more than its fair share.

Since it is intended to run programs from non-trusted sources, it is
inevitable that many of these bugs will have security implications.

After too many security vulnerabilities, too many fixes, and too many
zero-day exploits going unfixed for too long, running Flash makes it way
too likely that you are vulnerable to exploits that various criminals
know about and you don’t.

At one recent security conference:
    Paul Baccus, a senior threat researcher at Sophos, asked if anyone
    from Adobe was in the session. After a pause a voice at the back
    shouted “Of course not, it’s a security conference.”
        – Graham Cluley, senior technology consultant at Sophos, quoted
        in
http://theinquirer.net/inquirer/news/1736408/insecurity-experts-banish-pdf

James.

-- 
E-mail:     james@ | Blessed are the pessimistic, for they take backups.
aprilcottage.co.uk | 