AppleInsider Staff
After pushing out OS X Lion 10.7.4 which included Safari version 5.1.6, Apple rolled out a separate update for the browser that can be downloaded by OS X 10.7.3 Snow Leopard, OS X 10.7.4 Lion and Windows users.
According to Apple's Safari 5.1.7 Support Page, the update is meant to disable older versions of Flash that pose a security risk as they lack the latest vulnerability patches.
Safari 5.1.7 will scan a Mac's Flash assets for out-of-date software, disable it if found and inform the user via a dialog box. A link to Adobe's website is integrated into the dialog so that users can easily locate and install the most current Flash Player.
If users need to roll back to a previous version of Flash, they must navigate to the "/Library/Internet Plug-Ins (Disabled)" folder on their Mac, drag "Flash Player.plugin" into the active "/Library/Internet Plug-Ins" folder and restart the browser. A brief tutorial is provided at Apple's Support Pages.
From the release notes:
Lion
Safari 5.1.7 contains improvements to performance, stability, compatibility, and security, including changes that:
Improve the browser's responsiveness when the system is low on memory
Fix an issue that could prevent webpages from responding after using a pinch to zoom gesture
Fix an issue that could affect websites using forms to authenticate users
Disable versions of Adobe Flash Player that do not include the latest security updates and provide the option to get the current version from Adobe's website.
Windows
Safari 5.1.7 contains improvements to performance, stability, compatibility, and security, including changes that:
Improve the browser's responsiveness when the system is low on memory
Fix an issue that could affect websites using forms to authenticate users
Apple has become increasingly leery about third-party applications, perhaps due to the recent Flashback malware debacle that affected more than 600,000 Macs worldwide. One of the trojan's first iterations was discovered in 2011 when it disguised itself as a Flash Installer, though the exploit had nothing to do with Adobe's software.
Most recently, Apple released a Java update to cope with Flashback and even created a dedicated removal tool for those Mac owners who didn't already have Java installed on their computers.
The Safari update comes in at 44.98MB for Lion and 47.72MB for Snow Leopard and can be downloaded via Software Update or Apple's Support Downloads page.
Andrew Orr
Amber Neely
William Gallagher
Christine McKee
34 Comments
Why not just have it come with Click2Flash installed and prevent Flash from installing in Safari at all?
In before cries of "Monopoly!" I'd like to see them explain that one.
Why not just have it come with Click2Flash installed and prevent Flash from installing in Safari at all?
In before cries of "Monopoly!" I'd like to see them explain that one.
Certainly it is only useful to have Click2Flash installed if you already have Flash? It is my understanding that with Click2Flash, it will look to the server of the website as the browser has Flash installed and won't show alternative media intended for users without Flash.
Certainly it is only useful to have Click2Flash installed if you already have Flash? It is my understanding that with Click2Flash, it will look to the server of the website as the browser has Flash installed and won't show alternative media intended for users without Flash.
Nope, Click2Flash provides direct MP4 alternatives to video (in a QuickTime shell) as opposed to site-specific HTML (if there is one), so it's good for that.
Good for them. There's little, if any, reason to stick with an older version if you're going to the latest version of a browser. I think Firefox or Chrome does similar. If it's too far out of date, one or both of those will tell you when the program first opens.
Nope, Click2Flash provides direct MP4 alternatives to video (in a QuickTime shell) as opposed to site-specific HTML (if there is one), so it's good for that.
Ah, that is true of course. Personally I feel the whole clicking step is somewhat annoying but since current implementations and "best" practices seem to favour auto-loading and auto-playing of video it can be useful sometimes.