Vulnerability Management

Sen. Wyden calls for the removal of Flash Player from federal sites, computers


Senator Ron Wyden, D-Ore., is asking the government to cease using Adobe Flash Player, citing the software's problematic cybersecurity history as the primary reason.

Wyden made his request in a July 25 letter to NIST Director Walter Copan, NSA Director Gen. Paul Nakasone, and DHS Secretary Kirstjen Nielsen, asserting that the need to eliminate Flash is due to its “inherent security vulnerabilities” and the software's end of life in 2020. Wyden noted that the US-CERT has issued warnings concerning the use of Flash since 2010, and once Adobe stops supporting the software with security fixes in three years it will only become a bigger security issue.

“The federal government has too often failed to promptly transition away from software that has been decommissioned,” Wyden wrote, further pointing out the government had to pay millions of dollars for premium Microsoft support when Windows XP reached its end of life in 2014.

Wyden called for a mandate that government agencies stop the deployment of new Flash-based content on any federal website starting within 60 days, and require all federal agencies to remove all Flash-based content from their sites by August 1, 2019. He also said Flash should be removed from all employee desktop computers by the same date.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.