TechMiso

According to the Adobe Flash Player Team Blog, the long awaited Flash Player 10.1 has been released:

From hardware decoding to better buffering, p2p video, multicast and http streaming — there are many improvements in Flash Player 10.1 with regards to web video delivery and playback. For desktops, Flash Player 10.1 introduces hardware-based H.264 video decoding to deliver smooth, high quality video with minimal overhead across supported operating systems. Using available hardware to decode video offloads tasks from the CPU, improving video playback performance, offering smoother frame rates, and reducing system resource utilization

There is a plethora of new features and improvements in Flash Player 10.1, all of which are clearly outlined on the Flash Blog. One thing to note, Flash 10.0 does not appear to be affected by the most recent critical vulnerability allowing attackers potential remote control of affected workstations.

The single-most sought after feature Mac OS X users will most likely enjoy is the addition of hardware decoding. This should make video playback on the Mac less jerky, and less processor intensive, potentially improving the use of Flash on that platform.

Adobe also added multi-touch support to Flash 10.1, in lieu of the hope that Flash will be added to the many mobile devices expected to be produced this year – iOS devices obviously excluded. Android 2.2 “Froyo” appears to be the front runner in the flash-for-mobile race.

Many companies are beginning to rollout touch enabled devices, and not just smartphones, but tablets as well as PCs like the HP Touchsmart. With Flash Player 10.1, you can take advantage of the latest hardware and operating system user interaction capabilities using a new set of ActionScript 3 APIs for multi-touch and native gesture events, creating the ability to interact with multiple objects simultaneously or work with native gestures, such as pinch, scroll, rotate, scale, and two-finger tap. Multi-touch may be one of the most important features for developers and designers creating new content with the Flash Platform, knowing your implementations may be easily extended to devices with touch capabilities.

It looks like Adobe took their time to make Flash 10.1 a decent product. The only outstanding question is this: how many critical security vulnerabilities will be found in this version of Flash? Adobe seems to be the one company consistently producing exploit-riddled products.

Adobe Flash, Adobe Reader and Adobe Acrobat are riddled with more security holes than just about any other commercial application available today. Yet another critical vulnerability has been found in all three products, all of which are being actively exploited by malicious attackers and which may allow attackers to remotely control the affected machines (emphasis added):

A critical vulnerability exists in Adobe Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems, and the authplay.dll component that ships with Adobe Reader and Acrobat 9.x for Windows, Macintosh and UNIX operating systems. This vulnerability (CVE-2010-1297) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against both Adobe Flash Player, and Adobe Reader and Acrobat.

An inordinate amount of time is spent patching Adobe related vulnerabilities compared to other products. Even the huge amount of updates Microsoft releases on Patch Tuesday do not compare. At the very least, Microsoft patches are rather easily applied and rarely require multiple installs. On the other hand, Adobe patches often times do not install correctly and require multiple passes.

Do yourself a favor and install Google Chrome, Firefox or Safari – three browsers completely capable of HTML5 video – and uninstall Adobe Flash. YouTube offers HTML5 video to those browsers capable and those users who are interested in not using Flash to play their videos. Unless you play flash-based games chances are you do not need Adobe Flash.

On OS X there is no need for Adobe Acrobat as Preview natively opens PDF files and most applications are capable of creating PDF files without additional software required. There is a host of alternative PDF software for Windows available. Install one of many freeware PDF viewers and remove Adobe Acrobat and/or Adobe Reader.

Once you free yourself from the Adobe shackles you will feel a whole lot safer, and without the added burden of having to constantly update your system due to the frequent vulnerabilities found in the ubiquitous Adobe products.

With Adobe’s latest crasher bug going on two years after being discovered, Adobe finally released a statement saying they in fact dropped the ball during software development of Adobe Flash 10.

Did Adobe just ignore a well known and significant flaw in their software and in turn ship a degraded Flash player out to the masses?

Read the full story …