Adobe fixed eight vulnerabilities across three products, Flash Player, RoboHelp for Windows, and ColdFusion, as part of its September Patch Tuesday updates.

Mike Mimoso and Tom Spring discuss this week’s security news, including a discussion on recent hijacking of popular Chrome extensions and Adobe’s decision to end-of-life Flash Player.

The impending demise of Adobe Flash will create legacy challenges similar to Windows XP as companies begin to wean themselves off the vulnerable code base.

One of Tuesday’s Flash Player patches was a do-over after the researcher who privately reported the problem earlier this year discovered the original patch incompletely resolved the issue.

Microsoft patched 25 critical vulnerabilities, including a remote code execution bug in Windows Search.

Adobe today pushed out its first Flash Player update since announcing it would end-of-life the software in 2020.

Tens of millions of products ranging from airport surveillance cameras, sensors, networking equipment and IoT devices are vulnerable to a flaw that allows attacks to remotely gain control over devices or crash them.

Adobe only fixed six vulnerabilities in two products, making it the company’s smallest security bulletin of the year.

Adobe fixed 21 vulnerabilities across four products – Flash, Shockwave Player, Captivate, and Adobe Digital Editions – on Tuesday.

Adobe fixed eight vulnerabilities, seven critical, in Flash Player and Adobe Experience Manager (AEM) Forms product as part of its regularly scheduled updates Tuesday morning.