AppleInsider Staff
Apple late Thursday issued a security message saying it has blocked old versions of Adobe's Flash Player plug-in for Safari, citing a recent flaw that could potentially allow hackers to harvest browser data like cookies.
As noted in an updated support document regarding the issue, Apple has taken action against a recently discovered Flash vulnerability by restricting plug-in access through its Safari Web browser.
Users with out of date plug-ins will be met with a message saying, "Blocked plug-in," "Flash Security Alert" or "Flash out-of-date" when attempting to access Flash content in Safari. Clicking on the alert takes users to Adobe's Flash installer page, where the latest version of the plug-in can be downloaded and installed.
According to Adobe, the flaw can be found in Flash Player for Mac version 14.0.0.125 and earlier. After a proof-of-concept exploit was demonstrated by Google engineer Michele Spagnuolo, Adobe advised Mac users to update to version 14.0.0.145. Aside from OS X, Windows and Linux builds of Flash were also affected by the bug.
Users who need to run older, flawed versions of Flash may do so by configuring Safari's plug-in management settings to allow specific websites to "Run in Unsafe Mode." Re-enabling older Flash versions requires Safari 6.1 or later.
Andrew Orr
Amber Neely
William Gallagher
Christine McKee
41 Comments
Good. Though haven’t they already been doing this with all older versions?
In other news… Many Users Have Been Blocking Adobe Flash Versions 0.0 Thru [SIZE=5]∞[/SIZE].
I haven't had Flash installed in over 3 years now. In the last 24 months or so I think I have only had an issue where I was promoted to install Flash on a site maybe 3-4 times and all of those times I was able to access the content I needed anyways. When are we going to see Flash and the inherited vulnerabilities be something of the past?
When Apple finally buys Adobe and shuts down everything but Photoshop and Illustrator.
“What about Light…”
Integrated into Photos.
“What about Prem…”
Integrated into Final Cut.
“What about After…”
Integrated into Motion.
“What about Audi…”
Integrated into Logic.
“What about Dream…”
It’s terrible. Use Coda.
“What about InDes…”
Integrated into Pages. Imagine how great Pages would be with professional layout tools!
[quote name="realjustinlong" url="/t/181317/apple-blocks-older-flash-plug-in-versions-in-safari-due-to-vulnerability#post_2562562"]I haven't had Flash installed in over 3 years now. In the last 24 months or so I think I have only had an issue where I was promoted to install Flash on a site maybe 3-4 times and all of those times I was able to access the content I needed anyways.[/quote] Same here. And whenever I hit a site that uses Flash that I want to see, like Google Street View, I simply grab my 1st Gen iPad. Love that app from Apple. For regular webpages, irony to the max, I grab my other iPad and the site simply has the content in a different format. YouTube is one of those sites from Google that I think is truly despicable so I don't even go there. [quote]When are we going to see Flash and the inherited vulnerabilities be something of the past?[/quote] Probably never. There's no reason why different tech can't both be alive. There's stuff Flash can do that HTML5 can't.