Flash has had serious security issues for years. The following news item was posted on arstechnica.com on August 21st.
Chrome 69, due to be released on September 4, is going to take the next step toward phasing out support for Adobe’s Flash plugin.
Chrome started deprecating Flash in 2016, defaulting to HTML5 features and requiring Flash to be enabled on a per-site basis. Currently, that setting is sticky: if Flash is enabled for a site, it will continue to be enabled across sessions and restarts of the browser.
That changes in Chrome 69—Flash will have to be enabled for a site every time the browser is started. This means that Flash content will always need positive, explicit user permission to run, making the use of the plugin much more visible—and much more annoying.
This effort will come to an end in 2020, as that’s when Adobe is going to stop developing the Flash plugin entirely.
There are other alternatives for posting videos including YouTube and even Stream (in Office 365) both of which support closed captioning for ADA compliance. If your site currently uses Flash, you may want to take this opportunity to consider using other options.