Adobe promises to keep patching Flash on mobile ... but doesn't say for how long
Releases final version of Flash Player for Android
Computerworld - Adobe has promised to support the soon-to-be-orphaned Flash Player plug-in for mobile browsers, but has not said how long it will continue to patch security bugs in the software.
In a blog post Wednesday, Danny Winokur, the Adobe executive in charge of interactive development, said that the company would release one more version of Flash Player for Android and RIM's PlayBook before calling it quits.
That last version, labeled 11.1, shipped today.
Winokur, however, pledged that Adobe would keep patching some bugs in Flash Player.
"We will of course continue to provide critical bug fixes and security updates [emphasis added] for existing device configurations," said Winokur.
His mention of "critical bug fixes" may not mean much, as Adobe typically rates all its Flash security updates as "critical" across the board.
Another Adobe manager repeated that promise.
"Adobe will continue to ship security updates for Flash Player mobile after the final feature release," said Brad Arkin, the company's senior director of product security and privacy, in a message on Twitter Thursday.
But neither Winokur or Arkin spelled out how long Flash Player 11 security updates will be offered for smartphones and tablets. And on Thursday, Adobe's public relations staff declined to comment on a support timeline.
That struck Andrew Storms, director of security operations at nCircle Security, as odd.
"Why would they not tell us?" Storms asked. "That's to the detriment of everybody. If they make a date [for the end of support], that would get users off it sooner and force developers to get off Flash, too."
Storms speculated that Adobe may not have yet decided, or that commitments -- such as to one or more mobile service providers -- may have tied their hands.
Adobe's support policies aren't any help in calculating Flash Player's remaining time because unlike Microsoft, which hews to a time-oriented support lifecycle -- five years for consumer products, ten for enterprise software -- Adobe does not. Instead, the company promises to support only the current major version and the one before that.
However, some times Adobe pulls the trigger early "as a result of changing market conditions and impact to customers," according to its website. Last February, for example, Adobe retired Flash Player 9 even though Flash Player 11 had not shipped, citing the former's five-year run and its paltry 2% market share at the time.
Adobe's handling of Shockwave Player may be a better clue: Although Shcokwave Player 11 was introduced in March 2008, Adobe is still pushing patches to users, most recently on Tuesday.
Ironically, Adobe did patch Flash Player Thursday, releasing 11.1 for not only Android but also desktop browsers on Windows, Mac OS X and Linux.
The update fixed 12 flaws, all considered critical, most of them memory corruption vulnerabilities.
Yesterday's update was the ninth this year for Flash Player, nearly double the number Adobe released in all of 2010.
Users running desktop browsers other than Chrome -- Google also updated its browser, which includes Flash Player, on Thursday -- can download the patched version from Adobe's site.
Android users can obtain Flash Player 11.1 from the Android Market.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, or subscribe to Gregg's RSS feed . His e-mail address is firstname.lastname@example.org.
Read more about Mobile Apps in Computerworld's Mobile Apps Topic Center.
- Vehicles Best Practices Installation Guide With the Vehicle Best Practices Installation Guide you will learn the background on the problems and solutions as well as guidance for the...
- Use the Mobile App Mix to Choose an Enterprise App Store Strategy In this research report Gartner outlines how organizations can optimally secure, distribute, and manage mobile applications for employees and contracted workers.
- Mobile Device Management Policy Best Practices This white paper explores ten policy best-practices for secure and compliant enterprise mobility.
- Mobile Data Security: Finding the Balance Bring Your Own Device has changed the rules for corporate security on smartphones and tablets. Companies need to find the right balance in...
- Managing a Mobile Workforce Learn how this biotechnology company used a mobile device management solution to help secure data accessed by over 125 employees globally.
- Sametime 9.0 Demo Showcasing a simplified user interface for desktop, web and mobile clients, IBM® Sametime® V9.0 is energizing today's enterprise with high definition, real-time communications. All Mobile Apps White Papers | Webcasts