On January 12 Just after 8:15 a.m. local time, computers began operating in the Dalian train operation in northern China. The senders’ browsers did not load the train schedule details. Six hours later, senders also lost the ability to print train data from the web application. According to the report from the depot on Weibo and WeChat, and a follow-up report a few days later, the system flickered for 20 hours before the IT staff finally stabilized it. The culprit appears to be a seismic, but not unforeseen, move on the Internet: the death of Adobe Flash Player.
By the end of 2020, Adobe will end support for its infamous yet nostalgic multimedia platform. On January 12, Adobe took a step further and caused a kill switch that it had been distributing for months in Flash updates that prevented its contents from running into the player – making the software virtually unusable. The company has been warning about the transition for years, while browsers like Chrome and Firefox have gradually pushed users to other standards. Apple has been trying for a full decade to take web developers away from Flash. But organizations like the Dalian Depot did not get the memo. Frantic staff eventually pirated old versions of the software, and even modified them to run on all different versions of Windows to stabilize the system.
‘Twenty hours of fighting. No one complained. No one gave up. “With the solution to the Flash problem, we have changed our view of hope in the fuel for progress,” officials said in a post-mortem. translate by journalist Tony Lin.
The Dalian Depot incident speaks to the reality that Flash is not really dead yet, and that it will continue untouched – and sometimes no one knows – in networks around the world. China is the only world in the world where Flash will still be officially available through a distributor that Adobe partnered with in 2018. But some users have complained about problems with the dedicated Chinese version of the program and have found solutions to keep the usual usage. issue.
After decades of abuse by hackers, especially those who run ‘wrong’ advertising schemes, Flash installations – whether forgotten or deliberately maintained – could expose networks for years to come. After all, the versions of the software that have not been updated recently do not have the kill switch. And because Adobe no longer supports the software, there will be no security suite for new Flash vulnerabilities that come to light.
“Flash Player may remain on your system unless you uninstall it,” Adobe says in a FAQ. ‘Adobe has blocked Flash content from running in Flash Player from January 12, 2021, and the major browser providers have disabled and will continue to disable Flash Player. not to run after the EOL date. ”
In October, Microsoft also released an optional update for Windows 8 and higher that removes the built-in version of Flash from the operating system.
Despite this multiple strategy, however, some installations will continue. In addition to the risk that organizations will not update their software, Adobe’s latest version of Flash includes a special enterprise feature that enables network administrators to essentially dominate the dead switch and “allow” Flash features on a to post list. “Any use of the domain-level permission list … is strongly discouraged, will not be supported by Adobe and is entirely at the user’s own risk,” the company says.
Even organizations that remove Desktop Flash should also be concerned about browser versions if they do not update regularly. For systems that cannot or will not easily receive updates, these two locations of Flash Player can mean double exposure.