Upgrading To Apple's Snow Leopard Downgrades Flash Security

If you installed Apple's latest operating system -- OS X 10.6, or Snow Leopard -- between last Friday and now, you also installed an earlier, less secure, iteration of Adobe's Flash player, version 10.0.23.1. By upgrading the OS, you've downgraded Flash security.

"We recommend all users update to the latest, most secure version of Flash Player (10.0.32.18) -- which supports Snow Leopard and is available for download from http://www.adobe.com/go/getflashplayer," wrote David Lenoe on the Adobe Product Security Incident Response Team site's blog.

There is no notification during the upgrade process that the change has occurred. "Mac users who have been diligent enough to keep their security up-to-date do not deserve to be silently downgraded," wrote Graham Cluley, senior technology consultant at Sophos, on his blog. "We know that hackers keep finding security holes in Adobe's code - and that's deeply concerning because it is so widely used by many Internet users, whether on Mac or PC."

The more current version of the player patches some security breaches that the older one does not. As operating systems have generally become more secure over time, hackers look to exploit computers through third-party software, including Adobe Reader, Acrobat and Flash. Adobe's products are particularly attractive to hackers because they are in widespread use. Because of its popularity among hackers, Adobe has begun a quarterly release of security patches; however, some patches are being released even more frequently.

Tweet

   

More Security