Adobe Releases Flash Player Update to Patch Security Holes as Apple Blocks Earlier Versions
As noted by Ars Technica, Adobe late yesterday issued a security bulletin announcing that it was releasing updates to Flash Player in order to address a pair of security vulnerabilities targeting Mac and Windows users.
Adobe is also aware of reports that CVE-2013-0634 is being exploited in the wild in attacks delivered via malicious Flash (SWF) content hosted on websites that target Flash Player in Firefox or Safari on the Macintosh platform, as well as attacks designed to trick Windows users into opening a Microsoft Word document delivered as an email attachment which contains malicious Flash (SWF) content.
Users can manually download the new 11.5.502.149 version of Flash Player from Adobe's site, or those who have specified that Adobe may update Flash Player automatically may simply allow it to do so.
In response to the issue, Apple has updated its Xprotect anti-malware system to enforce new minimum version requirements blocking all previous versions of Flash Player. Apple has used the system several times over the past month to block vulnerable versions of Java.

Apple has also posted a new support document addressing the issue and explaining to users how to update Flash Player when they discover that the plug-in has been blocked.
Popular Stories
Leaker Jon Prosser today shared ostensibly accurate renders of the iPhone 14 Pro, providing the most accurate look yet at what the device could look like when it launches later this year.
In the latest video on YouTube channel Front Page Tech, Prosser revealed renders of the iPhone 14 Pro made by Apple concept graphic designer Ian Zelbo, highlighting a range of specific design changes...
Last year's iPhone 13 Pro models were the first of Apple's smartphones to come with 120Hz ProMotion displays, and while the two iPhone 14 Pro models will continue to feature the technology, their screens could well boast expanded refresh rate variability this time round.
To bring ProMotion displays to the iPhone 13 Pro models, Apple adopted LTPO panel technology with variable refresh...
Amazon is marking down a wide variety of 11-inch and 12.9-inch iPad Pro models this week, with prices starting as low as $749.00 for the 11-inch tablet. You'll find the full list of sales below, all of which can be found on Amazon.
Note: MacRumors is an affiliate partner with some of these vendors. When you click a link and make a purchase, we may receive a small payment, which helps us keep...
Apple appears to have recently updated the Wallet app to allow users to add an Apple Account Card, which displays the Apple credit balance associated with an Apple ID.
If you receive an App Store or Apple Store gift card, for example, it is added to an Apple Account that was previously visible in the App Store and Apple Store apps. As of today, the Apple Account balance can also be added to...
Apple in February unveiled a new "Tap to Pay on iPhone" feature that will allow compatible iPhones to accept payments via Apple Pay, contactless credit and debit cards, and other digital wallets, with no additional hardware required.
Apple began testing the feature at its Apple Park Visitor Center earlier this month, and now Bloomberg's Mark Gurman has tweeted that the feature will begin...
Apple today confirmed that the keynote event for the Worldwide Developers Conference will begin at 10:00 a.m. Pacific Time on June 6, the first day of WWDC. The keynote will be an online-only event, though a select number of developers have been invited to the Apple Park campus for a viewing event.
In addition to confirming the keynote date and time, Apple has shared the full WWDC 2022...
Top Rated Comments
It's certainly cost them sales (not having flash and to a lesser extent Java on iOS devices, for example), but it's worth it. I'm glad they didn't take the easy road.
Yeah, all versions of Chrome come with an internalized Flash instance separate from the OS. So, for someone like autrefois who wants to run an insecure plugin, they can just use Chrome.
Funny how the devs do this for Flash, but continue to take a stand against a real standard like H.264. :rolleyes:
No, people need to stop making users "do actual work" using poor platform choices and insecure software. Flash and Java's times are over. I'm glad Apple is doing this, because it highlights the fact that these plugins need to go.
My poor keyboard, you make me smash.