Not long ago, a security staff from Microsoft released a statement that the company is keeping Adobe Flash Player, despite issues of security. It can be recalled that Web browsers are breaking away from Adobe Flash Player as it has become the main target for Trojan and phishing attacks.
Microsoft Remains Supportive of Flash Player
The most common browsers that abandoned support for Flash Player include Mozilla Firefox and Google Chrome. However, Microsoft has remained supportive of this app even with the threats associated with it.
Java applications were once the main target for these malicious attacks, exploiting vulnerabilities. However, changes were made with Internet Explorer and Java, as most browsers decided to abandon Java. As a result, threats were diverted to Adobe Flash Player instead.
Fixed Critical Issues
Thus, Adobe Flash Player was updated in order to fix critical vulnerabilities last year. A few months later, several other critical vulnerabilities were fixed with another update. This means that even after the release of new updates, exploit kits continue to attack vulnerable systems days later. Obviously, this is why many browsers are leaving Flash Player.
However, amid the risks presented with the use of Adobe Flash Player, Microsoft remained faithful to it. In fact, it has remained the default for Microsoft’s Edge and Internet Explorer 11. In this case, a lot of people are confused about this gesture because either Microsoft might have misplaced its loyalty or it has always been confident with the security system of the browsers.
Ability to Block ActiveX Controls
In a statement released by Microsoft, it claimed that real-time security software should be able to block ActiveX controls from loading malicious pages by implementing IExtension Validation. So before loading the controls, the browser would call the security software to scan the script content and HTML on that page before loading the ActiveX controls.
In the same manner, Microsoft Edge doesn’t show support for ActiveX or Java controls. This means that both browsers can limit the risks to a certain point. This might be great news for those who mostly rely on Flash Player content on their website. Likewise, marketers who invest so much on ads based on Flash Player can take advantage of this update. Therefore, you can still be able to enjoy Flash Player content as long as you would use either Internet Explorer 11 or Microsoft Edge as your browser of choice.
Problem With Updates
Microsoft has planned the release of security updates for Adobe Flash Player for operating systems namely Windows Server 2012, Windows Server 2012 R2, Windows 8.1, Windows 10, Windows RT 8.1, and Windows Server 2016.
In its announcement, Microsoft also revealed that there would be no other security updates scheduled to be released. That was until its monthly update scheduled last March 14, 2017. The updates were important for users who are still bound to use Flash content for Microsoft Edge and Internet Explorer.
However, this posed a problem because the patching method was amended. It started in February, as Microsoft announced that IE patches will no longer be included with the monthly Win7 and 8.1 security-only patches. Many users are still confused as to whether Microsoft can still be able to regulate the patches on all versions of Windows. As Adobe has kept on releasing patches regularly, can Microsoft catch up rolling out those patches into Edge and IE11?