In what might seem to be an odd warning, the UK’s National Cyber Security Centre released a statement urging people to not disable browser and/or platform updates as a way of continuing to use Adobe Flash Player after 2020. The NCSC fears that some system administrators may disable browser updates as a way to keep using Adobe Flash, with a complete disregard for the safety of their environment. Instead of keeping Adobe Flash past the December 31st, 2020 end-of-life, NCSC recommends that users work with vendors to remove Flash altogether. Flash has been used by threat actors to deliver malware almost as long as Flash has existed as a browser plug-in. In general, any browser plug-in that allows remote websites to execute code on the computers of website visitors automatically is potential risk that attackers will seek to exploit.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in