Adobe has corralled Flash Player in OS X Mavericks, sandboxing the much-maligned plugin in Safari on Apple’s latest Mac operating system so as to minimize its potential to allow through malware. The move – which follows Adobe sandboxing its plugins when used in Chrome, Internet Explorer, and Firefox – follows Apple’s increasing moves to keep […]
It’s no secret that Flash can be a security liability, with Adobe having again rolled out critical updates in recent weeks to patch vulnerabilities that left users at risk. Not every user updates when the patches are released, however, instead continuing to use an older, potential vulnerable version. In light of this, Apple has taken another step towards keeping its users safe.
Just as it did previously with Java, which is widely known for its security vulnerabilities, Apple has now blocked out-of-date Adobe Flash plugins on Safari. The change has already been implemented, and so when users attempt to access Flash content using an older version of the plugin, they will instead be present with the notification box in the screenshot above.
The user will be notified that he or she is using an outdated version of Flash, and will be provided with a link to download the latest version. Once downloaded, the Flash content will be loaded and all will be well. While some might consider this to be an inconvenience, it has been implemented in light of critical security issues with Flash Player.
On Tuesday, we reported that Adobe has rolled out an emergency update for Flash Player to patch security issues that allowed hackers to attack users running Firefox. On February 14, Adobe had also rolled out updates to its Acrobat and Reader to correct vulnerabilities that were actively being exploited in the wild.
[via ars technica]
Apple blocks out-of-date Flash Player in Safari, tells users to update is written by Brittany Hillen & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.
Adobe has rolled out its latest security updates for Flash Player that are said to concern issues resulting in possible crashes and leave the computer vulnerable to attackers. The update is for Windows, OS X, Linux, and Android, with the company recommending that all users update Flash as soon as possible. This is the latest move in addressing growing concerns with exploits and vulnerabilities that have been cropping up.
The security updates are for Flash Player version 11.5.502.146 and earlier for Windows and OS X, and version 11.2.202.261 and earlier for Linux. The Android security update is for version 11.1.111.31, and is for Android versions 3.x and 2.x. All of the updates take care of security vulnerabilities leaving the various systems open to attack.
This follows reports that CVE-2013-0633 is being actively exploited in the wild in an attack that tricks users into downloading and opening a Word doc included as an email attachment. The file contains harmful Flash content, and is specific to Windows users running ActiveX. Those who download the security update won’t have to worry about this.
Likewise, reports have also rolled in showing that CVE-2013-0634 is also being exploited, this one via malicious Flash content found on websites. The content specifically targets Flash in Safari and Firefox for Mac users. The same is also used to exploit Windows users via the tainted Word doc attached to an email.
[via Adobe]
Adobe rolls out security updates for Flash player is written by Brittany Hillen & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.
Needless to say, Adobe hasn’t had the best of times when it comes to the overall reliability of its Flash Player on Apple-made devices — so much so that Steve Jobs took it upon himself to write some thoughts about it a couple of years ago. Thanks to Google, though, Adobe can proudly say it’s famed Flash Player is now more secure than it’s ever been — well, at least on Chrome. According to Google, both companies have been working closely since 2010 to find ways to improve the security aspects of the famed plug-in, noting that some of the most recent enhancements can now be found in the latest Stable release of the browser — in which a novel plug-in architecture is used, allowing Flash to run “inside a sandbox that’s as strong as Chrome’s native sandbox.” The Flash plug-in improvements within Chrome aren’t just for Mac users, however, as Google has said Adobe’s Player is now fully sandboxed on Windows, Linux and, of course, its own Chrome OS as well.
Google touts improved Flash Player security in Chrome for Mac, says it’s safer than ever originally appeared on Engadget on Wed, 14 Nov 2012 02:45:00 EDT. Please see our terms for use of feeds.
Permalink | 
Google | Email this | Comments
Remember how the BBC was asking Adobe to keep Flash for Android on life support for a short while? The broadcaster just removed any doubts as to why with the launch of BBC Media Player, its solution for that day when the mobile plugin is well and truly buried. Starting with iPlayer on the mobile web and moving on to both radio as well as an updated version of the Android app due next week, the BBC will be using close Flash cousin Adobe AIR for streaming playback on Android phones and tablets. It can’t quit Flash technology cold turkey given the sheer number of devices still running Gingerbread or earlier, which rules out HTTP Live Streaming for now. Media Player isn’t necessarily the most elegant solution — we’re seeing reports of sub-par video and other hiccups — but it will keep those episodes of Doctor Who rolling on most Android hardware and let the BBC push out updates that address as many of the Google-inclined as possible.
Filed under: Cellphones, Tablets, Mobile
BBC Media Player to give Android users their iPlayer fix in a mostly Flashless world originally appeared on Engadget on Wed, 19 Sep 2012 15:28:00 EDT. Please see our terms for use of feeds.
Permalink | BBC | Email this | Comments
Chrome turned 21 last week, and in that new version, Google’s made playing Flash videos in its browser even safer… for Windows users, anyway. This latest release puts Adobe’s Flash Player plug-in for Windows in a sandbox, much as Chrome 20 did for Linux. This sandbox is “as strong” as Chrome’s extremely robust native version — even in Windows XP — which means that Flash-borne malware can’t hurt Microsofties. Securing the Flash Player plug-in is the result of two years of work, and was made possible by a new plug-in architecture Google co-developed with Adobe. In addition to the security benefits, the architecture has also brought performance improvements by way of a 20 percent decrease in Flash crashes and GPU acceleration for smoother scrolling and faster Flash rendering. And, while the immediate good news is for Windows users, Google has assured us that a port for OS X is in the works, and it hopes to ship that Mac version soon.
Filed under: Internet, Software
Google Chrome for Windows gets more secure Flash player, gives users a browsing sandbox safety net originally appeared on Engadget on Wed, 08 Aug 2012 19:37:00 EDT. Please see our terms for use of feeds.
Permalink 
The Verge | Chromium Blog, Google Chrome Blog | Email this | Comments
This is site is run by Sascha Endlicher, M.A., during ungodly late night hours. Wanna know more about him? Connect via Social Media by jumping to about.me/sascha.endlicher.
