Even Uninstalling Flash Is A Security Risk
Gareth Andrews / 9 years ago
When it comes to security, there is a big risk to everyone available online in the form of Flash. A piece of software that’s been used for years for games and commercial software available online, but sadly the software has been plagued with a series of flaws and security risks. The result of the software seems to be that the public and the company itself are no longer recommending the software, with it use being slowly removed from the major web browsers. If you wanted to be safe you could always remove Flash from your PC, but sadly it would now seem that even uninstalling Flash is a security risk.
The vulnerability was discovered by security researcher Stefan Kanthak and state that any uninstallers for Flash prior to versions 22.0.0.192 and 18.0.0.360 (both released on the 15th June 2016) would load and use dynamic link libraries from Flash’s directory, meaning that someone could have put a custom DLL and have it run with elevated privileges.
When Kanthak reported the defect in the uninstallers in March it took only a month before the company has “fixed the exploit” in a patcher version. The sad truth being that the patched code still contained the flaw, just loading different DLLs. The latest report states that the uninstallers released on Wednesday resolve this issue, although if this is true we will wait to see. For now, if you want to go about uninstalling flash, you should be as careful as using the software itself.