Adobe drops IE6 Flash support

Powered by SC Magazine
 

And fires massive attack on Flash zero days.

Usually it’s people like Steve Jobs knifing Adobe's Flash Player, but this time Adobe is on the other side, killing support for Microsoft’s aging desktop browser Internet Explorer 6.

Almost no one will be affected by Adobe’s decision to ditch Flash Player support for IE6. Just 7 percent of the world use IE6, and they’re mostly from China, except one key group in the West: enterprise desktop users running Windows XP machines. 

Just 1.2 percent of Australians use IE6, so most consumers won’t care about Adobe's decision, but there are tens of thousands of desktop users who work for Australia’s largest organisations -- the Australian Taxation Office, Westpac and National Australia Bank to name a few -- that have no choice but to use the clunky, tabless browser

Those workers are tied to IE6 because of big, old enterprise applications from the likes of SAP and Oracle which have web front-ends that only run properly in IE6. 

The same goes for workers in large US organisations. Secretary of State Hillary Clinton put an end to the US Department of State's ‘IE6 cage rage’, recently announcing it would deploy a second browser, Chrome, alongside IE6 for 100,00 desktops, to support parts of the web beyond legacy applications.

The version of Flash Player that Adobe will no longer support is legacy too. 

“Since Flash Player 11 was first released in September 2011, we have continued to maintain Flash Player 10.3 with security updates for users who cannot update to the current version of Flash Player,” senior Adobe security engineer Peleus Uhley said.

"In support of Microsoft's initiative to get the world to drop Internet Explorer 6 and upgrade to a newer version of Internet Explorer for a safer browsing experience, Adobe will be dropping support for Internet Explorer 6 starting with today's release of Flash Player 10.3."

Uhley said, however, that Adobe "will not block the installation of newer versions of Flash Player 10.3 on systems running Internet Explorer 6".

Adobe tackles Flash zero days with stealth updates 

Threats against Windows XP and above should also decline with Adobe’s introduction of updates by stealth, which Uhley compared to the way Google updates Chrome. 

“The new background updater will provide a better experience for our customers, and it will allow us to more rapidly respond to zero-day attacks. This model for updating users is similar to the Google Chrome update experience, and Google has had great success with this approach,” he said. 

It will be an important security move for Adobe, which acknowledges that nearly every piece of malware installs through an exploit kit that targets widely-used but outdated software.

That makes Adobe’s Flash Player a popular target to breach mostly Windows-based systems, but also socially engineer attacks against Mac OS X users. 

“Attackers have been taking advantage of users trying to manually search for Flash Player updates by buying ads on search engines pretending to be legitimate Flash Player download sites.”

Adobe released its latest Flash update on Wednesday, version 11.2, recommending consumers check the “install updates automatically when available” field, which should stop people aimlessly wandering the web for the latest Flash update only to install malware.  

Enterprise, which need more controlled updated processes, will be given an option to disable silent Flash updates.  

“Organisations with managed environments do have the capability to disable the background updater feature through the Flash Player mms.cfg file,” Uhley said. 

Copyright © iTnews.com.au . All rights reserved.


Adobe drops IE6 Flash support
Credit: Adobe.
 
 
 
Top Stories
Meet FABACUS, Westpac's first computer
GE225 operators celebrate gold anniversary.
 
NSW Govt gets ready to throw out the floppy disks
[Opinion] Dominic Perrottet says its time for government to catch up.
 
iiNet facing new copyright battle with Hollywood
Fighting to protect customer details.
 
 
Credit: Adobe.
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  26%
 
Sourcing and strategy
  12%
 
IT infrastructure (servers, storage, networking)
  21%
 
End user computing (desktops, mobiles, apps)
  15%
 
Software development
  26%
TOTAL VOTES: 341

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  58%
 
No
  42%
TOTAL VOTES: 143

Vote