Solaris users will be surely be happy to note they’re still on the list, albeit a couple of point releases behind.įollow on Twitter for the latest computer security news.įollow on Instagram for exclusive pics, gifs, vids and LOLs! This also handily shows you what versions are current on which platforms: If you back off at this point so you can come back later when it’s more convenient, Adobe will will re-download the whole installer, which is a further annoyance for those on the road, who may be paying over the odds for bandwidth.īut it works, and it’s worth doing: Flash, like Java, is a popular, multi-platform attack vector for the Bad Guys, with three updates in February 2013 alone (on the seventh, the twelfth and the 26th of the month).ĭon’t forget that you can check whether you have Flash active in your browser, and, if so, what version you are using by visiting Adobe’s Flash/About page. You have to complete the necessary process yourself:Īs I’ve mentioned previously, Adobe’s update process is straightforward, but mildly intrusive, as it requires you to shut down many applications, including the browser from which you got to Adobe’s download page in the first place. Two days to patch an at-risk computer that you use for browsing is brisk, but nevertheless seems pretty reasonable to me.Īccording to Apple’s notification, the Xprotect update turned up on, and produces a warning like this inside the window that Flash is trying to use:Ĭlicking on it takes you to an OS X supplied dialog that explains more:įrom here, of course, at least as things stand today), there’s not much that Apple and OS X can do except to shovel you into Adobe’s update process, so, as Apple explains, the dialog doesn’t achieve much more than taking you to Adobe’s Flash Player installer website.
The most recent update was an emergency fix for an in-the-wild exploit that was being used against both Windows and Mac users.
Presumably (and we don’t know, because this is the first time Apple has done this for Flash, though it did something similar for Java back in January 2013), the amount of time you get before Apple drops the hammer will vary depending on the apparent risk.
Once Apple thinks you’ve had enough time to get around to updating Flash (two days in the case of the most recent update), it issues a new Xprotect signature that pretty much forces your hand. OS X users received an automatic update via Apple’s basic threat protection system, Xprotect, to lock old Flash player plugins out of your browser. Last week, Apple showed that it is getting more serious about security by turning all strict about the version of Flash you’re allowed to use in Safari.
0 kommentar(er)
