Bad news for Adobe. October was not a good month for the company. Although the United States government reversed with the measure that prevented the provision of services to Venezuelan users, new problems appeared on the horizon.
They have to do on the one hand with himGoogle's decision not to show Flash content in the search engine and a new user data leak.
What is the bad news for Adobe?
Let's start with the announcement made by Dong-Hwi Lee, Google's chief engineering officer.
Google search will stop supporting Flash later this year. On web pages that contain Flash content, Google will ignore Flash content. The searcher it will stop indexing standalone SWF files. Most users and websites will not see any impact from this change.
I confess that the bad news may sound a bit exaggerated. Firefox, Chrome and Microsoft browsers they no longer support it. In fact, Adobe promised to kill its media player by the end of the next year. It is the culmination of a process that began in 2010 when Steve Jobs refused to continue supporting him on his mobile products. Apple was a strategic partner of Adobe in the graphic design and multimedia production industry.
It also didn't help that Microsoft, seeing the failure of its Silverlight alternative, decided to join efforts to push the HTML5 standard. And let's say it all, Researchers encountered security problems almost every day.
Over the course of this decade, Internet companies were decreasing their support for Flash and, at the same time, increasing support for HTML5. Major browsers like Chrome and Firefox now block all Flash content by default
Statistics indicate that less than 5% of websites still use Flash content, up from 30% in 2011. So it is likely that nobody will find out if they do not read Linux Addicts.
Earlier this month, Adobe was the victim of a serious security incident that exposed the personal information of nearly 7,5 million users belonging to the Creative Cloud design applications service. It is a hybrid service of applications installed on the computer or mobile, and others that run in the cloud.
It is not the first time it happens. I had already had security problems a couple of years ago. I say this from experience, one of the compromised email addresses was mine and I was inundated with various offers of extensions and Nigerian princes. Do not ask what I am writing this post with.
According to the security company Comparitech, Adobe unsecured an Elasticsearch server to which could be accessed from the web without the need for password or authentication. The problem was discovered on October 19, and was fixed by Adobe as soon as it was reported by security researchers.
The exposed database included details such as email addresses, account creation date, products included in the subscription, subscription status, payment compliance, members' personal data, country of origin, time elapsed since last login and whether or not they were Adobe employees.
The database it did not include passwords or financial information. The possible consequences of leaking such exposure is the use of emails to attempt phishing attacks for specific purposes.
According to the discoverers of the problem
Scammers could impersonate Adobe or a related company and trick users into providing more information, such as passwords. Therefore, it is crucial that users activate two-factor authentication to add a second layer of account protection.
Bad news for Adobe and for those of us who have a Creative Cloud subscription.