Adobe Releases Flash Player Update to Patch Security Holes as Apple Blocks Earlier Versions

Discussion in 'MacRumors.com News Discussion' started by MacRumors, Feb 8, 2013.

  1. macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1
    [​IMG]


    As noted by Ars Technica, Adobe late yesterday issued a security bulletin announcing that it was releasing updates to Flash Player in order to address a pair of security vulnerabilities targeting Mac and Windows users.
    Users can manually download the new 11.5.502.149 version of Flash Player from Adobe's site, or those who have specified that Adobe may update Flash Player automatically may simply allow it to do so.

    In response to the issue, Apple has updated its Xprotect anti-malware system to enforce new minimum version requirements blocking all previous versions of Flash Player. Apple has used the system several times over the past month to block vulnerable versions of Java.

    [​IMG]
    Apple has also posted a new support document addressing the issue and explaining to users how to update Flash Player when they discover that the plug-in has been blocked.

    Article Link: Adobe Releases Flash Player Update to Patch Security Holes as Apple Blocks Earlier Versions
     
  2. macrumors 601

    OrangeSVTguy

    Joined:
    Sep 16, 2007
    Location:
    Northeastern Ohio
    #2
    How long before the next "vulnerability" and apple shuts this one down?
     
  3. macrumors 68020

    Squilly

    Joined:
    Nov 17, 2012
    Location:
    PA
    #3
    What is with all the exploits lately.... :confused: Get it right people!
     
  4. macrumors 65832

    JaySoul

    Joined:
    Jan 30, 2008
  5. macrumors 65816

    autrefois

    Joined:
    Oct 22, 2003
    Location:
    Somewhere in the USA
    #5
    Apple needs to stop blocking software. If they want to display a warning, fine. But for people who rely on their computers to do actual work, it isn't acceptable for them to keep disabling software that many people use and need on a daily basis. Inform people of the vulnerability and give them the option of disabling it.
     
  6. macrumors 6502a

    Joined:
    Apr 21, 2009
    Location:
    Bronx,Ny
    #6
    Does anybody use flash anymore ? I been blocking flash for 4 years
     
  7. macrumors 68000

    Saladinos

    Joined:
    Feb 26, 2008
    #7
    This is why Apple have been fighting for a plugin-free web.

    It's certainly cost them sales (not having flash and to a lesser extent Java on iOS devices, for example), but it's worth it. I'm glad they didn't take the easy road.
     
  8. macrumors member

    Joined:
    Feb 28, 2012
    Location:
    Pearl of the Orient
    #8
    Tried to open the download link.
    "Your Google Chrome browser already includes Adobe® Flash® Player built-in. Google Chrome will automatically update when new versions of Flash Player are available." :cool:
     
  9. macrumors regular

    Joined:
    Aug 26, 2012
    #9
    This. Although I wasn't working, I did find it annoying that a lot of the websites I visited that needed the adobe plug-in where completely useless because of this block.
     
  10. macrumors 6502a

    fullauto

    Joined:
    Oct 19, 2012
    Location:
    Brisbane
  11. macrumors regular

    xionxiox

    Joined:
    Jul 20, 2010
    Location:
    Hell
    #11
    This seems to be the only way things have been getting fixed tho...
     
  12. macrumors regular

    Macrolido

    Joined:
    May 14, 2012
    Location:
    Monterrey, Mexico
  13. macrumors 601

    BornAgainMac

    Joined:
    Feb 4, 2004
    Location:
    Florida Resident
    #13
    I never hear any problems with Microsoft Silverlight. Is it extremely secure or just nobody uses it or cares?
     
  14. macrumors 68000

    AngerDanger

    Joined:
    Dec 9, 2008
    Location:
    Male
    #14
    Total Poetry Time®

    My poor keyboard, you make me smash.
     
  15. macrumors 6502a

    ncaissie

    Joined:
    Dec 1, 2011
    #15
    Then you are not a gamer. Most game sites are still being developed in Flash.
     
  16. macrumors 603

    scaredpoet

    Joined:
    Apr 6, 2007
    #16
    Yeah, all versions of Chrome come with an internalized Flash instance separate from the OS. So, for someone like autrefois who wants to run an insecure plugin, they can just use Chrome.

    Funny how the devs do this for Flash, but continue to take a stand against a real standard like H.264. :rolleyes:

    No, people need to stop making users "do actual work" using poor platform choices and insecure software. Flash and Java's times are over. I'm glad Apple is doing this, because it highlights the fact that these plugins need to go.
     
  17. macrumors 6502a

    Joined:
    Aug 8, 2008
    Location:
    Manchester,UK
    #17
    Great, go through the process and it's still blocked. It just re installed the same version I had.
     
  18. autrefois, Feb 8, 2013
    Last edited: Feb 8, 2013

    macrumors 65816

    autrefois

    Joined:
    Oct 22, 2003
    Location:
    Somewhere in the USA
    #18
    Yes, I completely agree it is annoying (and in my opinion unacceptable) in general, whether it's for work or not.

    I mentioned work because I happened to be trying to access something for work at the time, and I was anticipating that people would say (and I see it's already started) things like: who needs Flash, haven't used Flash in ages, let's destroy Flash once and for all, etc.

    Yes, this time there is a fix available right away (which was not the case with Java recently). And no, I don't like Flash. But sometimes, there isn't another option right now.

    Why should we have to guess what software Apple is or isn't going to decide to block every day? It is the consumer's responsibility to make sure their computer is safe. Popping up a warning before running it would be more than sufficient.
     
  19. macrumors 6502a

    Joined:
    Aug 3, 2010
    #19
    Flash & Java are usually replaceable with HTML 5 + Javascript. The only time I can think of Java being more convenient is for the more direct hardware access, but this is precisely why it's so dangerous!

    I'm pretty sure we could do away with these technologies and still have a web functioning pretty much like today, only with less crashes, less resource requirements, and better mobile platform support.

    Flash isn't supported by iOS, Android since 4.1, or Windows Phone 8. It's ridiculous that web designers still use the technology.
     
  20. macrumors 68020

    Joined:
    Mar 11, 2009
  21. macrumors 6502

    bananas

    Joined:
    Aug 1, 2007
    #21
    The current version is actually 11.5.502.149
     
  22. macrumors newbie

    Joined:
    Feb 8, 2013
    Location:
    devinez...
    #22
    it has it's own problems but the fact that few people have it installed has made it a less visible target. Ask yourself this: Do you really need Silverlight? The answer is extremely rarely yes so why augment the ways you can be remotely hacked.
     
  23. macrumors member

    Joined:
    May 28, 2012
    Location:
    Blighty
    #23
    You need to restart your browser after the install. It doesn't tell you to do this, but it looks as though the update has failed if you don't when it has in fact worked.
     
  24. macrumors newbie

    Joined:
    Feb 8, 2013
    Location:
    devinez...
    #24
    It comes with Chrome for the thankfully few instances where I actually need to use it...

    ----------

    So, then your postulate is that Gamers do not mind getting hacked in drive by attacks on flash?
     
  25. macrumors 6502

    Joined:
    Jan 26, 2006
    Location:
    SLC, Utah

Share This Page