Snow Leopard ships with vulnerable Flash Player
Summary: Apple's new operating system comes with an outdated version of Flash Player that exposes Mac users to hacker attacks.
Apple's new operating system comes with an outdated version of Flash Player that exposes Mac users to hacker attacks.
The initial release of Mac OS X 1..6 (Snow Leopard) includes Flash Player 10.0.23.1, which is very much out of date. The fully patched version of Flash Player for Mac is version 10.0.32.18.
[ SEE: Apple adds malware blocker in Snow Leopard ]
Even worse, Intego reports that the vulnerable version of Flash is included even if the Mac user was fully patched before upgrading the operating system.
The current version of Flash Player for Mac is 10.0.32.18, but if you go to the Flash Player version test page after installing Snow Leopard, you’ll find that you have version 10.0.23.1, even if you were up-to-date before the upgrade. It seems that Apple is shipping an outdated, even dangerous version of Flash Player.
Adobe has also spotted the hiccup and released a security alert to warn of the problem.
The initial release of Mac OS X 10.6 (Snow Leopard) includes an earlier version of Adobe Flash Player than what is available from Adobe.com. We recommend all users update to the latest, most secure version of Flash Player (10.0.32.18) -- which supports Snow Leopard and is available for download from http://www.adobe.com/go/getflashplayer.
Snow Leopard also includes a rudimentary file quarantine feature to help block known malware attacks against Mac OS X users.
Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.
Talkback
This is unpossible!!! Stop Lying!! Snow Leopard is Teh Secure!
Well, they didn't, BUT they did include it ...
Who needs flash...
for pesky ads which show up as a blank spot of flash isn't there.
Most people watch YouTube videos
Personally I use AdBlock if ads interfere with the web page, but I'll let it slide as long as the ad does not interfere with the overall experience (because I know those ads keep the web page free).
You might do better with Flashblock
With flashblock you can easily configure it to show flash from named sites
so you don't have to fool around changing things whwn you want flash. If
you get an embedded youtube video on a webpage and you have youtube
cleared it will play.
Cool!...(nt)
So far the only posts are from windows fanbois
The solution here is simple. Update your flash player after
you install Snow Leopard.
Stupid on the part of Apple? Yeah. Apocalypse? No.
Well, the problem is that..
No pun intended. But going to the website and downloading the update directly are Windows/Linux users' kind to thing, you know. We Mac people don't do that. That's why we paid $1000 extra on it in the first place.
No apology given, none necessary.
If adobe flash isn't in "Software Update" it shouldn't be shipped with SL.
Only Apple's software is updated via Software Update
http://www.apple.com/downloads/macosx/internet_utilities/adobeflashplayer.html
That was not so hard now was it? :-)
Is that an automatic update from apple?
It's pretty clear that home users are not proactive when it comes to software updates or security. There's no reason to believe that Apples non-technical users will go out searching for updates.
Adobe took care of the problem, but this was a pretty big mistake, if for no other reason than Flash seems like the most common vector of attack against home users.
Apple needs to step up their game, and I'm sure they will, but it's becoming increasingly clear that they need to focus more on Security.
What about all the crap in Windows
oh my, the worse thing ever. NOT. Get over it Windows Fan bois. An I use
windows. LOL.
No ... the point is ...
... But now that OSX has started getting popular, those same Apple fans are facing the kind of trials and tribulations that many Windows users have already learned how to protect themselves from.
Alas, the overriding mentality of Mac users is that they're impervious to attack because of the (grossly inaccurate) "OSX has no vulnerabilities" meme. Jobs will have a lot of explaining to do in a couple of years when OSX grows just a few more percentage points and starts becoming the target for mass exploitation.
So far the only posts are from windows fanbois
respond. The tone of the article was that the
world was coming to an end. I don't read many of
his articles but it seems the person writing this
is a Windows Guy!.
speaking of updates
am directed to their update page for 20 minutes of downloads to update
the program.....People in glass houses........
You're right
It's much like Walt Mossberg's recent review of Leopard. His criticisms were mild and he generally gave them a pass for incompatibilities and he doesn't take them to task for dropping support for machines that may have been purchased as recently as 3 years ago.
OTOH, incompatibilities with Vista or 7 are signs of how inferior Windows is to OS X and the inability to do an in-place upgrade from XP (an 8 year-old OS)is unforgivable....nevermind that he complained that it required XP users to back up their data if they don't have another HD/free partition. Never mind that his assertion was false, he essentially gives his readers the terrible advice that backing up your data before a major upgrade is part of every upgrade.
I don't care if you're running Unix, Linux, Windows or OS X, you're rolling the dice if you don't back up first.
Besides, if you dislike 7 or Snow Leopard, you can just reinstall from your back up and you're back in business.
Apple products suck at Flash. Everybody knows that.
I believe Apple doesn't like depending on other people's standard. They love making their own.
And now it has taken its toll on them.
Making their own standards....
Gotta love double standards...
Re: Making their own standards....
RE: Making their own standards