The Adobe Flash Player will reach its end-of-life on January 1st, 2021 after 18 years of being a security risk. Over its life, attackers have abused its vulnerabilities to create multiple zero-day and critical exploits that were used by cybercriminals and nation-state actors alike. These groups were able to install malware, remotely execute malicious code, and even take over users’ computers when the victim simply visited a malicious web page using a web browser with the ubiquitous Flash player installed. The decision to stop Flash was taken due to the decreasing numbers of people using Flash and moving to more secure and better performing technologies such as HTML5, WebGL, and WebAssembly that are available in modern web browsers. Tomorrow Adobe will stop distributing or updating Flash Player and most web browsers will stop supporting the program. Flash Player’s end-of-life is good news because it will reduce the attack surface that cybercriminals can use to access users’ web browsers and operating systems, as long as IT administrators completely remove the software from systems.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in