article featured image


Asking the real questions here: is Adobe Flash Player Safe? I would wager to say “no”; there have been far too many malicious attacks using Adobe’s Shockwave Flash for deployment and dissemination of malware.

Regarded mostly as a vulnerability rather than a practical software development, Adobe announced in early July 2017 that it will discontinue support for Flash Player by the end of 2020.

Yes, it’s indeed a red flag, but unfortunately, not the only one. Still planning on using Shockwave Player on your machine? You might change your mind after reading this article.

What is Adobe Flash Player?

Fascinating little gimmick this Flash Player is or rather was if we consider Adobe’s decision. And quite old: the very first version of Adobe’s Flash Player came out in January 1993, but only shifted into full swing around 2013. At that time, it was estimated that 400 million out of 1 billion desktop computers were using Flash Player.

Still, what the H-E-Double-Toothpick is this Shockwave Player? Well, to make a long story short, Flash Player is computer software used to run any type of content developed on the Flash Platform. This includes audio, video, vector graphics, 3D graphics, raster graphics, and various types of scripts.

Although loathed by most of the community for its lackadaisical security, Flash Player was once very popular. Long before HTLM5 was implemented, virtually every website was using Flash Player for videos and animations. Yes, that includes YouTube.

Over the years, things have changed. Flash Player is no longer considered an industry-standard since it can’t handle complex videos and animations. On top of everything, it’s regarded as a security liability. As a result, major browsers have begun sandboxing Adobe Flash Player; as sensible first step towards purging it all together.

Is Adobe Flash Player Safe?

I was never for blackballing software, regardless it’s legacy, useless, or really old. However, in Adobe Flash Player’s case, I’m going to make an exception. So, apart from the fact that it’s no longer able to keep up the pace, it has proven to be a major vulnerability.

XMRig Crypto Mining

The latest attack steak reiterates the need for a more secure web-based software development environment. According to a Palo Alto Networks security update, a next-gen malware masquerading as an Adobe push update would install XMRig crypto mining code on the victim’s PC.

Of course, like in many other cases, the infiltration could have been prevented if the user would pay more attention to the signs. As Palo Alto noted, the bogus update was not digitally-signed, which triggered a Windows UAC response since the publisher could not be verified.

And because no one ever bothers to check these things out, the user would have had dismissed the notification by continuing with the installation (bad move!). Cryptominers aren’t that bad – sure, they slow down your machine to the point where you’ll have trouble running a YT video, but that’s about the damage they can do.

Turla Spear-phishing

Still, there are instances when Flash Player went full dark side. In early January 2018, it was discovered that Adobe Flash Player was the perfect gateway for the dreadful Turla, an APT group suspected of numerous online illicit operations, from spear-phishing diplomatic bodies to dropping backdoor malware.

The method of execution was, more or less, the same – pushing a spiked Adobe Flash Player updating package, the group was able to gain instant access to the infected machine.

The CrescentCore Affair

Another instance when Adobe Flash Player proved to be an efficient attack vector was during the CrescentCore crisis of July which mostly affected Mac users. Cybersecurity researchers figured that the malicious payloads were delivered via a compromised Adobe Flash Player update, which was actually a DMG package.

Since it was virtually impossible to tell them apart, some researcher argued that it’s best to avoid installing Flash Player updates altogether, including those which are available for download on Adobe’s official website.

Brav0 #15982 Gone Rogue

Last, but not least, there’s the zero-day vulnerability discovered by Gigamon ATR in late December 2018. Codenamed CVE-2018-15982, this vulnerability was exploited in the wild through a breach in Adobe Flash Player’s base code. As for the payload, it was delivered via an infected Microsoft Office document.

Some Thoughts on Adobe Flash Player

Still planning on using Adobe Flash Player? Think of it this way:  at this very moment, Adobe Flash Player has more in common with the human appendix then it does with functional online software development environments.

More specifically, although the appendix used to serve a purpose a very long time ago, now it’s more or less useless (maybe it reasserts itself for a brief period, after which it’s surgery time).

That’s what Adobe Flash Player is – a time-bomb that could go out any second and a tool that has long ago fulfilled its role. Ironic, come to think of it since Shockwave is considered HTML5’s father.

Puzzling enough, despite Shockwave’s vulnerabilities, some websites continue to rely on it; and I’m not talking small fish here. Just the name a few, we have Crunchyroll, Vimeo, Huffington Post, CNN, Fox News, Funimation, and ever our dearly-beloved Hulu.

As it happens, Adobe Flash Player seems to have found a forever home in the online gaming industry. Yes, a great deal of those websites are powered by Adobe’s Flash Player and there’s not one thing someone can do about it!

So, what’s there to be done about Adobe Flash Player? Disable it, altogether, of course. If it’s only temporary or permanent, it’s entirely up to you. I usually like to keep under ask-type permission (a prompt will appear on the screen each time a website requests access to Flash Player).

Heimdal™ Threat Prevention Home makes sure that link is safe!
Your parents and friends will click any suspicious link, so make sure they're protected.
Heimdal™ Threat Prevention Home anti malware and ransomware protection
Heimdal™ Threat Prevention Home provides: Automatic and silent software updates Smart protection against malware Compatibility with any traditional antivirus.


Try it FREE

30-day Free Trial

How to deactivate/disable Shockwave Flash in your browser

Probably the easiest (and most comfortable) method of ensuring that your devices protected against Shockwave-spread malware is to deactivate or disable this module in your browser. Here’s how to do it.

For Chrome

  1. Click on the icon resembling three dots.
  2. Go to Settings.
  3. Under the “Default browser”, click the “Show advanced settings…” button.
  4. Scroll until you find the Privacy section.
  5. Click on “Content settings…”
  6. Scroll until you see “Flash”.
  7. If you want to be notified each time a website wants to run Flash, select the second option. In case you want to block Flash for good, select “Block sites from running Flash.”

For Firefox

  1. Click on the button with three horizontal lines.
  2. Select Add-ons.
  3. Click on Plugins.
  4. From the right panel, select Shockwave Flash.
  5. Use the drop-down list next to Options to select the appropriate action. You can choose to Allow All, Ask to Activate (recommended), and Block Flash.

For Edge

  1. Click on the Menu button.
  2. Select Settings.
  3. Scroll to the bottom and select View Advanced Settings.
  4. Under “Use Adobe Flash Player”, adjust the slider to the left to deactivate Flash Player.

For Brave

  1. Click on the button with three horizontal lines.
  2. Select Settings.
  3. In the left panel, select Additional Settings.
  4. Go to Privacy and security.
  5. In the right panel, scroll down until you see Site Settings. Click on the arrow to expand the menu.
  6. Scroll until you see Flash. Click on the arrow to expand the menu.
  7. Adjust the slider to the right to block Flash for all websites. By default, the browser is going to prompt you if a website wants to run Flash.

Additional Cybersecurity Tips

Disabling Adobe Flash Player should be enough ward off anything nasty, but you can always do better. Here are a couple of cybersecurity tips that will keep you safe while using Adobe Flash Player.

Always download updates from Adobe Official

As most of the malware’s spread through bogus updates, it would be for the best to go directly to Adobe’s website and get them from there. You might want to check every week or so and download the latest version.

Install Flash Player directly from Adobe

A variation on the same them – go to Adobe Central to get your Flash Player. It’s like cutting the proverbial middle-man in half and going straight to the big man himself. You should also try to stay as far as possible from third-party software that offers free Flash update or the player itself.

Update the player to the latest version

Did you know that up to 80% of successful malware attacks are attributed to unpatched software? The best way to avoid this would be to keep your Adobe Flash Player up-to-date. Set a reminder to look for updates at least once per week.

Let your browser handle your Flash updates (or not)

Bear in mind that some browsers, such as Chrome, automatically install Flash updates whenever they are made available. If your browser supports this feature, then all Flash update prompts should be treated with the utmost suspicion.

Install an antimalware solution

Your antimalware/antivirus software is your last line of defense. Make sure it’s a good one. If you’re having trouble picking one out, I would dare to suggest Heimdal Security’s threat prevention software. The DarklayerGuard can block just any kind of suspicious online activity, which also includes malicious Adobe push updates.

The easy way to protect yourself against malware
Here's 1 month of Heimdal™ Threat Prevention Home, on the house!
Heimdal™ Threat Prevention Home
Use it to: Block malicious websites and servers from infecting your PC Auto-update your software and close security gaps Keep your financial and other confidential details safe


Download Free Trial


Ad-blockers may sometimes be ineffective

Here’s one for you: why did the pop-up cross the screen? To get blocked on the other side. Well, that’s what an ad-blocker’s supposed to do, by design: block PUPs and other nasties. As it happens, in some instances, especially whenever APTs are involved, the ad-blocker is no longer able to filter out the notification. You know the drill: disable, scan, and report.


Is Adobe Play safe? Definitely not; apart from the fact that it’s obsolete, it’s also prone to all kinds of malicious attacks. Remember my advice: deactivate and stay safe. As always, for comments, rants, and donations of any kind, shoot me a comment.

Author Profile

Vladimir Unterfingher

Senior PR & Communications Officer

Experienced blogger with a strong focus on technology, currently advancing towards a career in IT Security Analysis. I possess a keen interest in exploring and understanding the intricacies of malware, Advanced Persistent Threats (APTs), and various cybersecurity challenges. My dedication to continuous learning fuels my passion for delving into the complexities of the cyber world.

Leave a Reply

Your email address will not be published. Required fields are marked *

Protect your business by doing more with less

Book a Demo