Three years after the initial warning, Adobe has officially killed off Flash software.
In recent years Flash had developed a reputation for being a security risk on many systems due the high number of vulnerabilities discovered and exploited in the software. Now the software reached end-of-life on 31 December 2020 and Adobe will no longer issue security patches – meaning any vulnerabilities that remain to be discovered will never be patched and fixed.
Any system that has Flash installed could therefore be vulnerable to flaws discovered in the future that will never be fixed. The only way to protect your systems is to remove Flash.
To remove Flash from a Mac run the Adobe Flash Player Install Manager (usually found in Applications > Utilities) and click the Uninstall option. Detailed instructions and uninstall tools are available from Adobe.
Microsoft is issuing an update for Windows 10 that will remove Flash through Windows Update and WSUS in early 2021. Alternatively, you can manually remove Flash Player by following these instructions from Adobe.
Removing obsolete or unused software is an important principle in security hardening. By removing software from a computer, the attack surface is reduced meaning there is less software that could be attacked and exploited.