Major browsers such as Chrome, Edge or Firefox won't support Flash either anymore, and these decisions lead to a question that none of the decision makers have provided an answer for: what if a user needs to access Flash content after 2020, and what happens to Flash content that is still available on the Internet as it won't just vanish when the technology is disabled?
Fortunately, the sandbox is still there to help protect you.Īnd that’s it! The entire process of uninstalling Flash and installing Chrome for those sites that still require it takes only a few minutes, and it provides a ton of extra security.Adobe Flash will no longer be supported in 2021 Adobe released the final Flash update in December 2020 and announced that it will disable Flash functionality in 2021.
After installing Chrome I do two things:įirst, I go to Preferences > Settings > Show Advanced Settings > Privacy and disable everything except “Enable phishing and malware protection.” That reduces Google’s tracking, although turning off those other features also slows down both Chrome’s page fetching and your Web browsing speed. Personally, I decided to switch to Chrome completely since it is, overall, the most secure Mac browser on the market, especially once Google sandboxed Chrome’s version of Flash.
I originally got this idea from John Gruber of Daring Fireball, and over time I’ve found that this simple method of isolating Flash to Chrome works great, especially since an ever-increasing number of sites push HTML5 video to Safari automatically if Flash is missing. Then simply launch Chrome whenever you want to see Flash content. My recommendation is to install Google Chrome, even if you don’t plan on using it as your primary Web browser. Plus, since Chrome automatically updates itself, you never have to fuss with the Flash Player installer again. This extra barrier makes it a lot less likely you will be compromised even when vulnerabilities are discovered in Flash. This doesn’t mean that Chrome’s version of Flash is invulnerable, but an attacker must first compromise Flash and then break out of the sandbox to attack your Mac. Better yet, starting back in November 2012, Chrome sandboxes Flash from the rest of your Mac.
The free Google Chrome Web browser includes its very own integrated version of Flash. “But wait,” you say, “my kids will kill me if they can’t play those Flash-based Disney games.” Not to worry, there is an easy solution, thanks to Google. This completely removes Flash from your operating system, making it impossible for an attacker to target it. The first step is to uninstall Flash by using Adobe’s official uninstaller application. This is both easier and requires far less fuss going forward than you might think, and it is how I’ve been using my Mac for the past year or so. Instead of leaving Flash on your Mac, you can instead isolate it and thus reduce the attack surface available to the bad guys.
Under normal circumstances, we recommend updating immediately whenever an important security patch is released, but in this case, we have a somewhat different recommendation. While we at TidBITS don’t know currently the details of the Mac exploits, Adobe clearly states Macs are actually being attacked. This release fixes a vulnerability that is actively being used to exploit both Mac and Windows users through Web browsers and via malicious Microsoft Word email attachments (with Flash embedded). On 7 February 2013, Adobe released an important security fix for Flash Player on the Mac, Windows, Linux, and Android. Isolate Adobe Flash by Using Google Chrome
#1608: How to test Internet responsiveness, Wordle takeoffs, understand cryptocurrency.