Thursday, July 10, 2014, 09:27 pm PT (12:27 am ET)
Apple blocks older Flash plug-in versions in Safari due to vulnerabilityApple late Thursday issued a security message saying it has blocked old versions of Adobe's Flash Player plug-in for Safari, citing a recent flaw that could potentially allow hackers to harvest browser data like cookies.
As noted in an updated support document regarding the issue, Apple has taken action against a recently discovered Flash vulnerability by restricting plug-in access through its Safari Web browser.
Users with out of date plug-ins will be met with a message saying, "Blocked plug-in," "Flash Security Alert" or "Flash out-of-date" when attempting to access Flash content in Safari. Clicking on the alert takes users to Adobe's Flash installer page, where the latest version of the plug-in can be downloaded and installed.
According to Adobe, the flaw can be found in Flash Player for Mac version 184.108.40.206 and earlier. After a proof-of-concept exploit was demonstrated by Google engineer Michele Spagnuolo, Adobe advised Mac users to update to version 220.127.116.11. Aside from OS X, Windows and Linux builds of Flash were also affected by the bug.
Users who need to run older, flawed versions of Flash may do so by configuring Safari's plug-in management settings to allow specific websites to "Run in Unsafe Mode." Re-enabling older Flash versions requires Safari 6.1 or later.
On Topic: Mac OS X
- Apple releases OS X Yosemite Public Beta 2, new iTunes 12 beta for testing
- Intuit releases redesigned Quicken 2015 for Mac, first new version in 7 years
- Apple releases Safari 7.1 and 6.2, OS X Server 3.2 betas to developers
- Apple updates pro-level video suite with fixes for Final Cut Pro X, Compressor and Motion
- Mailbox for Mac hits public beta, adds synced drafts and 'snooze to desktop' feature