Apple Forcing Users to Upgrade to Latest Adobe Flash Plug-In Due to Security Issues
In a posting to its security mailing list, Apple notes that users must upgrade to the latest 220.127.116.11 version of Flash Player if possible. For those users running systems incompatible with Flash Player 14, Adobe has made available a 18.104.22.168 update that addresses the security issues.
APPLE-SA-2014-07-10-1 OS X: Flash Player plug-in blockedThe high-priority update was released by Adobe on Tuesday to fix an issue disclosed in a proof-of-concept exploit by Google engineer Michele Spagnuolo. A number of major sites including Google, YouTube, Twitter, and Tumblr were vulnerable to the issue, although they quickly addressed the issue on their ends. With Adobe's update to Flash Player itself, users will no longer be vulnerable as long as they update their plug-ins, a move Apple is now strongly encouraging by blocking all older versions of the plug-in.
Due to security issues in older versions, Apple has updated the web plug-in blocking mechanism to disable all versions prior to Flash Player 22.214.171.124 and 126.96.36.199.