Apple blocks old, unsafe Adobe Flash plug-in versions in OS X Safari
Following the discovery — and subsequent fix — of yet another critical Adobe Flash vulnerability last week, Apple activated its Web plug-in blocking capability for OS X Safari to protect Mac users from what Adobe describes as "limited, targeted attacks."
Apple posted a support document to its website on Monday saying Flash versions older than 220.127.116.11, or 18.104.22.168 on older machines, are now actively restricted from running on OS X. The precautionary measure is instituted to protect users unaware of the situation.
Adobe last week confirmed knowledge of the vulnerability, saying malicious users were conducting real-world attacks that "could cause a crash and potentially allow an attacker to take control of the affected system." A fix addressing the problem was pushed out on Friday.
As noted by Apple, Mac users running insecure Flash software will see the message "Blocked plug-in," "Flash Security Alert," or "Flash out-of-date." Clicking the alert link take users to Adobe's Flash installer page where the latest version of the plug-in can be downloaded and installed.
Apple is known be proactive in shielding unsuspecting customers from Flash vulnerabilities. The company activated its plug-in blocker last summer to protect against a flaw that allowed attackers to collect browser data, and most recently did the same in April.