Adobe Releases Flash Player Update for 'Critical' Security Vulnerability on Mac

Discussion in 'Mac Blog Discussion' started by MacRumors, Mar 11, 2016.

  1. MacRumors macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1
    [​IMG]


    [​IMG]
    Adobe has released security updates for Flash Player that address critical vulnerabilities that "could potentially allow an attacker to take control of the affected system." Adobe is aware of "limited, targeted attacks" on OS X, Windows, and Linux.

    Adobe lists the affected Flash Player and AIR versions in a security bulletin on its website. Mac or PC users running an affected version should immediately uninstall the web plugin or update their installation to the newest version outlined on Adobe's website.

    Apple blocks many older or vulnerable versions of web plugins from functioning, including Adobe Flash and Java, to help limit exposure to potential "zero day" exploits. The web plugins remain blocked in Safari until you install the latest updates. Chrome, Firefox, and most other modern web browser also have web plugin safeguards in place due to the high number of past security risks.

    Article Link: Adobe Releases Flash Player Update for 'Critical' Security Vulnerability on Mac
     
  2. Crosscreek macrumors 68020

    Crosscreek

    Joined:
    Nov 19, 2013
    Location:
    Margarittaville
  3. Cuban Missles macrumors 68040

    Cuban Missles

    #3
    Wait, I thought Flash was dead. Why does anyone still have it installed.

    Better option is to UNINSTALL
     
  4. m4v3r1ck macrumors 68000

    m4v3r1ck

    Joined:
    Nov 2, 2011
    Location:
    The Netherlands
  5. vatter69 macrumors 6502

    vatter69

    Joined:
    Feb 4, 2013
    #5
    Really curious is there ANY real reason to still have this on your Computer? I uninstalled this like 5 years ago. Back then it was hard because many sites still used this to deliver videos (youtube,facebook,macrumors!) etc. But today?
     
  6. hanser macrumors member

    Joined:
    Aug 29, 2013
    #6
    Some sites still use it, e.g. www.eclassical.com where I buy a lot of music. But those I just open in Chrome.
     
  7. bsolar macrumors 6502a

    Joined:
    Jun 20, 2011
    #7
    Flash might already be dead in your case but not in all users' cases: some sites have no HTML5 replacement or said replacement lacks functionality compared to the Flash version. Said that, it's possible to whitelist the plugin to run only from the required sites reducing somewhat the risk.
     
  8. 2010mini macrumors 68030

    Joined:
    Jun 19, 2013
    #8
    That's it! I am removing Flash from all our computers when I get home.
     
  9. Closingracer macrumors 65816

    Joined:
    Jul 13, 2010
    #9

    Because some websites still use it that I visit regularly?
     
  10. furi0usbee macrumors 68000

    furi0usbee

    Joined:
    Jul 11, 2008
    #10
    1. If you MUST use Flash, just use Chrome for those instances.
    2. If you MUST use Safari, Develop > User Agent > iOS can switch your flash videos to HTML5 (often)
    3. I have NEVER stayed on a Flash website more than a minute, so Flash is ONLY for videos as far as I'm concerned.
    4. Steps 1/2 99% solve Flash for me. I will never have it installed on my system again.
     
  11. Pakaku macrumors 65816

    Pakaku

    Joined:
    Aug 29, 2009
    #11
    Yeah, I'm sure a software plugin is as toxic as a big government entity trying to challenge something as big as encryption
     
  12. vatter69 macrumors 6502

    vatter69

    Joined:
    Feb 4, 2013
    #12
    Pretty much what i do as well, i have installed Chrome for this reason alone, start it about once / month for that odd site that requires Flash (hello Programmers!).

     
  13. ArtOfWarfare macrumors 604

    ArtOfWarfare

    Joined:
    Nov 26, 2007
    #13
    I've had ClickToPlugin installed for several years... I don't think there's been anything I clicked on to activate in a few years... maybe it's time to just uninstall Flash entirely?
     
  14. err404 macrumors 68020

    Joined:
    Mar 4, 2007
    #14
    That is no excuse. The owner of web content has a responsibility to avoid technologies that threaten the security of their users machines. It's not like anyone is surprised that Flash has yet another critical security failure.
    While I agree that there are some limited use cases where Flash excels over HTML5, that still does not justify the use of such a dangerous plugin.
    If you must use Flash, please use Chrome. At least when using Chrome, vulnerabilities are better sandboxed. Trust me, I'm as worried about YOUR machine being compromised as you are.
     
  15. shareef777 macrumors 65816

    shareef777

    Joined:
    Jul 26, 2005
    Location:
    Waiting for Skylake MBP thread
    #15
    To the already posted and the numerous up coming posts, we get it. You've moved on from flash. Good for you, continue to give yourselves a pat on the back EVERY time a patch is released. Some of us have jobs that require the use of web based apps that run on flash. Case in point: VMware. Number one virtualization platform in the enterprise. They require a web based management console, and guess what it runs on. Sure, they plan on moving to HTML one day, but until that happens I'm glad these posts exist to help keep people aware of the security risks out there.
     
  16. DELTAsnake macrumors 6502

    DELTAsnake

    Joined:
    Jul 18, 2008
    Location:
    Australia
    #16
    I'm so close to just switching to Chrome because of it's security/updating model. I don't like Google, but they seem to have a better handle on this than other companies.
     
  17. shareef777 macrumors 65816

    shareef777

    Joined:
    Jul 26, 2005
    Location:
    Waiting for Skylake MBP thread
    #17
    He's referring to the end user side. We use certain sites that run flash, and there's no two ways about it. People act like the only thing that runs flash are online video and game sites. Unfortunately, there are A LOT of other sites that run flash that are important or even critical to our day to day lives.
     
  18. H2SO4 macrumors 68030

    Joined:
    Nov 4, 2008
    #18
    Don’t worry. Every time there is a post about flash someone will deliberately write a crappy post like that. This time it happens to be Cuban Missiles who obviously had the crisis.
     
  19. ThunderSkunk macrumors 68020

    ThunderSkunk

    Joined:
    Dec 31, 2007
    Location:
    Colorado & Ontario
    #19
    I dont have it installed, but was considering it since Fox made new XFiles episodes, and the only way to view them in an apple household is via flash plugin.
     
  20. Cuban Missles macrumors 68040

    Cuban Missles

    #20
    Seriously speaking, I uninstalled Flash a while back on my Apples. If a site I visit requires it, then I move on and they lost my patronage. I refuse to reward anyone for using Flash.

    http://www.vladan.fr/esxi-free-web-client-interface/
     
  21. Closingracer macrumors 65816

    Joined:
    Jul 13, 2010
    #21

    Good for you? Want a cookie?
     
  22. antonis macrumors 68000

    antonis

    Joined:
    Jun 10, 2011
  23. jettredmont macrumors 68030

    Joined:
    Jul 25, 2002
    #23
    You do realize you have it on your system, just integrated in the Chrome browser rather than as a separate plugin, right?

    This is fine if you only use Chrome for those specific sites, akin to whitelisting those sites for Flash. But that is hardly a real solution.
    --- Post Merged, Mar 11, 2016 ---
    Again, this is foolhardy. Chrome includes the Flash plugin. The only difference between this and Safari with the plugin is that you are dependent on the timeliness of Chrome updates to get Flash updates a few days after they happen, and that the plugin update happens as a part of the browser update process.

    You are just as vulnerable to these exploits as any other user using the Flash plugin, except that you have to wait for the update to be included in Chrome to get it (which isn't a huge delay, but that delay is not a good thing).
     
  24. KoolAid-Drink macrumors 6502a

    Joined:
    Sep 18, 2013
    Location:
    California
    #24
    I have Flash on my computer. How do I know if I need it? I'm not sure if any websites I use actually require it anymore...? I mainly use Facebook, Google Maps (Chrome), Netflix, Comcast XFINITY, and YouTube.

    If none of those websites require Flash, I can just uninstall it.
     
  25. Closingracer macrumors 65816

    Joined:
    Jul 13, 2010
    #25

    Facebook, Google maps and YouTube doesn't use it. Netflix used Microsoft silverlight for its videos but I believe they either changed to HTML 5 or in the process.
     

Share This Page