Go Back   MacRumors Forums > News and Article Discussion > MacRumors.com News Discussion

Reply
 
Thread Tools Search this Thread Display Modes
Old Feb 8, 2013, 08:17 AM   #1
MacRumors
macrumors bot
 
Join Date: Apr 2001
Adobe Releases Flash Player Update to Patch Security Holes as Apple Blocks Earlier Versions




As noted by Ars Technica, Adobe late yesterday issued a security bulletin announcing that it was releasing updates to Flash Player in order to address a pair of security vulnerabilities targeting Mac and Windows users.
Quote:
Adobe is also aware of reports that CVE-2013-0634 is being exploited in the wild in attacks delivered via malicious Flash (SWF) content hosted on websites that target Flash Player in Firefox or Safari on the Macintosh platform, as well as attacks designed to trick Windows users into opening a Microsoft Word document delivered as an email attachment which contains malicious Flash (SWF) content.
Users can manually download the new 11.5.502.149 version of Flash Player from Adobe's site, or those who have specified that Adobe may update Flash Player automatically may simply allow it to do so.

In response to the issue, Apple has updated its Xprotect anti-malware system to enforce new minimum version requirements blocking all previous versions of Flash Player. Apple has used the system several times over the past month to block vulnerable versions of Java.

Apple has also posted a new support document addressing the issue and explaining to users how to update Flash Player when they discover that the plug-in has been blocked.

Article Link: Adobe Releases Flash Player Update to Patch Security Holes as Apple Blocks Earlier Versions
MacRumors is offline   0 Reply With Quote
Old Feb 8, 2013, 08:22 AM   #2
OrangeSVTguy
macrumors 601
 
OrangeSVTguy's Avatar
 
Join Date: Sep 2007
Location: Northeastern Ohio
How long before the next "vulnerability" and apple shuts this one down?
__________________
Browsing the forums from my Powerbook G4
OrangeSVTguy is offline   2 Reply With Quote
Old Feb 8, 2013, 08:22 AM   #3
Squilly
macrumors 68020
 
Squilly's Avatar
 
Join Date: Nov 2012
Location: PA
What is with all the exploits lately.... Get it right people!
__________________
iPhone 6 16gb Space Gray Sprint
Squilly is offline   1 Reply With Quote
Old Feb 8, 2013, 08:24 AM   #4
JaySoul
macrumors 65816
 
Join Date: Jan 2008
Flash, Flash, why do you crash?
JaySoul is offline   12 Reply With Quote
Old Feb 8, 2013, 08:25 AM   #5
autrefois
macrumors 65816
 
autrefois's Avatar
 
Join Date: Oct 2003
Location: Somewhere in the USA
Apple needs to stop blocking software. If they want to display a warning, fine. But for people who rely on their computers to do actual work, it isn't acceptable for them to keep disabling software that many people use and need on a daily basis. Inform people of the vulnerability and give them the option of disabling it.
autrefois is offline   25 Reply With Quote
Old Feb 8, 2013, 08:26 AM   #6
Ricanlegend
macrumors 6502a
 
Join Date: Apr 2009
Location: Bronx,Ny
Does anybody use flash anymore ? I been blocking flash for 4 years
Ricanlegend is offline   13 Reply With Quote
Old Feb 8, 2013, 08:27 AM   #7
Saladinos
macrumors 68000
 
Saladinos's Avatar
 
Join Date: Feb 2008
This is why Apple have been fighting for a plugin-free web.

It's certainly cost them sales (not having flash and to a lesser extent Java on iOS devices, for example), but it's worth it. I'm glad they didn't take the easy road.
Saladinos is offline   20 Reply With Quote
Old Feb 8, 2013, 08:28 AM   #8
TheNextBigThing
macrumors member
 
Join Date: Feb 2012
Location: Pearl of the Orient
Tried to open the download link.
"Your Google Chrome browser already includes Adobe® Flash® Player built-in. Google Chrome will automatically update when new versions of Flash Player are available."
TheNextBigThing is offline   2 Reply With Quote
Old Feb 8, 2013, 08:28 AM   #9
ProudLoz
macrumors regular
 
Join Date: Aug 2012
Quote:
Originally Posted by autrefois View Post
Apple needs to stop blocking software. If they want to display a warning, fine. But for people who rely on their computers to do actual work, it isn't acceptable for them to keep disabling software that many people use and need on a daily basis just because there's a vulnerability out there.
This. Although I wasn't working, I did find it annoying that a lot of the websites I visited that needed the adobe plug-in where completely useless because of this block.
ProudLoz is offline   6 Reply With Quote
Old Feb 8, 2013, 08:29 AM   #10
fullauto
macrumors 6502a
 
fullauto's Avatar
 
Join Date: Oct 2012
Location: Brisbane
Urgh get rid of it already.
fullauto is offline   2 Reply With Quote
Old Feb 8, 2013, 08:31 AM   #11
xionxiox
macrumors regular
 
Join Date: Jul 2010
Location: Hell
Quote:
Originally Posted by ProudLoz View Post
This. Although I wasn't working, I did find it annoying that a lot of the websites I visited that needed the adobe plug-in where completely useless because of this block.
This seems to be the only way things have been getting fixed tho...
__________________
I am an Apple Lover & I require cookies.
Blue iPod Shuffle 2012, iPhone 5 (White), Macbook Unibody (Pre-Pro), On my 6th Magsafe charging cord.
xionxiox is offline   7 Reply With Quote
Old Feb 8, 2013, 08:32 AM   #12
Macrolido
macrumors regular
 
Join Date: May 2012
Location: Monterrey, Mexico
Flash is the cáncer of OS X.
Macrolido is offline   9 Reply With Quote
Old Feb 8, 2013, 08:35 AM   #13
BornAgainMac
macrumors 601
 
BornAgainMac's Avatar
 
Join Date: Feb 2004
Location: Florida Resident
I never hear any problems with Microsoft Silverlight. Is it extremely secure or just nobody uses it or cares?
BornAgainMac is offline   2 Reply With Quote
Old Feb 8, 2013, 08:36 AM   #14
AngerDanger
macrumors 65816
 
AngerDanger's Avatar
 
Join Date: Dec 2008
Location: doing the Dada Polka
Total Poetry Time®

Quote:
Originally Posted by JaySoul View Post
Flash, Flash, why do you crash?
My poor keyboard, you make me smash.
AngerDanger is offline   12 Reply With Quote
Old Feb 8, 2013, 08:36 AM   #15
ncaissie
macrumors 6502a
 
Join Date: Dec 2011
Quote:
Originally Posted by Ricanlegend View Post
Does anybody use flash anymore ? I been blocking flash for 4 years
Then you are not a gamer. Most game sites are still being developed in Flash.
__________________
2011 MacBook Pro iPod touch 2G iFone 5! iPad 2 ATV 2G
ncaissie is offline   2 Reply With Quote
Old Feb 8, 2013, 08:38 AM   #16
scaredpoet
macrumors 603
 
scaredpoet's Avatar
 
Join Date: Apr 2007
Quote:
Originally Posted by TheNextBigThing View Post
Tried to open the download link.
"Your Google Chrome browser already includes Adobe® Flash® Player built-in. Google Chrome will automatically update when new versions of Flash Player are available."
Yeah, all versions of Chrome come with an internalized Flash instance separate from the OS. So, for someone like autrefois who wants to run an insecure plugin, they can just use Chrome.

Funny how the devs do this for Flash, but continue to take a stand against a real standard like H.264.

Quote:
Originally Posted by autrefois View Post
Apple needs to stop blocking software.
No, people need to stop making users "do actual work" using poor platform choices and insecure software. Flash and Java's times are over. I'm glad Apple is doing this, because it highlights the fact that these plugins need to go.
__________________
If you're not a clairvoyant, then you shouldn't be speaking for a dead guy.
I'm here to talk about Apple stuff, and related tech stuff. Your political beliefs? I really couldn't care less about.
scaredpoet is offline   18 Reply With Quote
Old Feb 8, 2013, 08:38 AM   #17
SOLLERBOY
macrumors 6502a
 
Join Date: Aug 2008
Location: Manchester,UK
Great, go through the process and it's still blocked. It just re installed the same version I had.
__________________
27" iMac i7 3.4 3TBF 680MX Very Late 2012
17" MacBook Pro 2.2 i7 8GB 64GB Early 2011
16GB iPhone 6+ Space Grey 32GB iPad Air
SOLLERBOY is offline   0 Reply With Quote
Old Feb 8, 2013, 08:41 AM   #18
autrefois
macrumors 65816
 
autrefois's Avatar
 
Join Date: Oct 2003
Location: Somewhere in the USA
Quote:
Originally Posted by ProudLoz View Post
This. Although I wasn't working, I did find it annoying that a lot of the websites I visited that needed the adobe plug-in where completely useless because of this block.
Yes, I completely agree it is annoying (and in my opinion unacceptable) in general, whether it's for work or not.

I mentioned work because I happened to be trying to access something for work at the time, and I was anticipating that people would say (and I see it's already started) things like: who needs Flash, haven't used Flash in ages, let's destroy Flash once and for all, etc.

Yes, this time there is a fix available right away (which was not the case with Java recently). And no, I don't like Flash. But sometimes, there isn't another option right now.

Why should we have to guess what software Apple is or isn't going to decide to block every day? It is the consumer's responsibility to make sure their computer is safe. Popping up a warning before running it would be more than sufficient.

Last edited by autrefois; Feb 8, 2013 at 08:47 AM.
autrefois is offline   3 Reply With Quote
Old Feb 8, 2013, 08:42 AM   #19
Northgrove
macrumors 6502a
 
Join Date: Aug 2010
Flash & Java are usually replaceable with HTML 5 + Javascript. The only time I can think of Java being more convenient is for the more direct hardware access, but this is precisely why it's so dangerous!

I'm pretty sure we could do away with these technologies and still have a web functioning pretty much like today, only with less crashes, less resource requirements, and better mobile platform support.

Flash isn't supported by iOS, Android since 4.1, or Windows Phone 8. It's ridiculous that web designers still use the technology.
__________________
iPhone 5 • rMBP 15" (2012)
Northgrove is offline   9 Reply With Quote
Old Feb 8, 2013, 08:43 AM   #20
Skika
macrumors 68020
 
Join Date: Mar 2009
What is this flash you speak off?
__________________
MacBook Pro, iPad, iPhone
Skika is offline   3 Reply With Quote
Old Feb 8, 2013, 08:44 AM   #21
bananas
macrumors 6502
 
Join Date: Aug 2007
Quote:
Originally Posted by MacRumors View Post
Users can manually download the new 11.5.502.146 version of Flash Player from Adobe's site, or those who have specified that Adobe may update Flash Player automatically may simply allow it to do so.
The current version is actually 11.5.502.149
__________________
· · · · · · ·
bananas is offline   4 Reply With Quote
Old Feb 8, 2013, 08:44 AM   #22
pmhparis
macrumors newbie
 
Join Date: Feb 2013
Location: devinez...
Quote:
Originally Posted by BornAgainMac View Post
I never hear any problems with Microsoft Silverlight. Is it extremely secure or just nobody uses it or cares?
it has it's own problems but the fact that few people have it installed has made it a less visible target. Ask yourself this: Do you really need Silverlight? The answer is extremely rarely yes so why augment the ways you can be remotely hacked.
pmhparis is offline   2 Reply With Quote
Old Feb 8, 2013, 08:45 AM   #23
MyNameIsDave
macrumors member
 
Join Date: May 2012
Location: Blighty
Quote:
Originally Posted by SOLLERBOY View Post
Great, go through the process and it's still blocked. It just re installed the same version I had.
You need to restart your browser after the install. It doesn't tell you to do this, but it looks as though the update has failed if you don't when it has in fact worked.
MyNameIsDave is offline   2 Reply With Quote
Old Feb 8, 2013, 08:48 AM   #24
pmhparis
macrumors newbie
 
Join Date: Feb 2013
Location: devinez...
Quote:
Originally Posted by Skika View Post
What is this flash you speak off?
It comes with Chrome for the thankfully few instances where I actually need to use it...

----------

Quote:
Originally Posted by ncaissie View Post
Then you are not a gamer. Most game sites are still being developed in Flash.
So, then your postulate is that Gamers do not mind getting hacked in drive by attacks on flash?
pmhparis is offline   4 Reply With Quote
Old Feb 8, 2013, 08:49 AM   #25
camnchar
macrumors 6502
 
Join Date: Jan 2006
Location: SLC, Utah
Send a message via AIM to camnchar
Apple can go ahead and keep blocking Flash.
__________________
Apple //c, 1 MHz, 128k RAM, 5.25" floppy drive, 1-button mouse
camnchar is offline   11 Reply With Quote

Reply
MacRumors Forums > News and Article Discussion > MacRumors.com News Discussion

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Similar Threads
thread Thread Starter Forum Replies Last Post
Adobe Releases Another Emergency Update for Flash MacRumors Mac Blog Discussion 125 Feb 25, 2014 07:11 PM
Apple Enforces Adobe Flash Player Security Upgrade with Updated Malware Definitions MacRumors Mac Blog Discussion 51 Feb 15, 2014 11:04 AM
Adobe Releases 'Critical' Update for Flash After Security Vulnerability Discovered MacRumors Mac Blog Discussion 92 Feb 10, 2014 12:29 PM
Am I The Only One Who Can't Update Adobe Flash Player? 53kyle OS X Mavericks (10.9) 4 Jun 14, 2013 03:29 AM
Apple Updates Anti-Malware Software to Block Older Versions of Adobe Flash Player Plug-in MacRumors MacRumors.com News Discussion 40 Mar 9, 2013 04:46 PM

Forum Jump

All times are GMT -5. The time now is 12:11 AM.

Mac Rumors | Mac | iPhone | iPhone Game Reviews | iPhone Apps

Mobile Version | Fixed | Fluid | Fluid HD
Copyright 2002-2013, MacRumors.com, LLC