Apple Updates Anti-Malware Software to Block Older Versions of Adobe Flash Player Plug-in

by

As noted by Jim Dalrymple of The Loop, Apple today updated its malware definition file "Xprotect.plist" to block older versions of Adobe Flash Player in Safari. Versions of Flash that come before the latest 11.6.602.171 update will be automatically blacklisted.

xprotect_flash_11_6

To help protect users from a recent vulnerability, Apple has updated the web plug-in-blocking mechanism to disable older versions of the web plug-in: Adobe Flash Player

The ban comes after a security bulletin issued by Adobe earlier this week, covering three different vulnerabilities and recommending an update to the newest version of Flash.

In recent weeks, Apple has aggressively used its anti-malware tools to enforce minimum plug-in versions in light of security issues affecting the software. Recent blocks have included a previous Flash Player update enforcement in early February, and several blocks of Oracle's Java 7 Web plug-in earlier this year.

Popular Stories

iPhone SE 4 Vertical Camera Feature

iPhone SE 4 Production Will Reportedly Begin Ramping Up in October

Tuesday July 23, 2024 2:00 pm PDT by
Following nearly two years of rumors about a fourth-generation iPhone SE, The Information today reported that Apple suppliers are finally planning to begin ramping up mass production of the device in October of this year. If accurate, that timeframe would mean that the next iPhone SE would not be announced alongside the iPhone 16 series in September, as expected. Instead, the report...
Read Full Article68 comments
iPhone 17 Plus Feature

iPhone 17 Lineup Specs Detail Display Upgrade and New High-End Model

Monday July 22, 2024 4:33 am PDT by
Key details about the overall specifications of the iPhone 17 lineup have been shared by the leaker known as "Ice Universe," clarifying several important aspects of next year's devices. Reports in recent months have converged in agreement that Apple will discontinue the "Plus" iPhone model in 2025 while introducing an all-new iPhone 17 "Slim" model as an even more high-end option sitting...
Read Full Article160 comments
Generic iPhone 17 Feature With Full Width Dynamic Island

Kuo: Ultra-Thin iPhone 17 to Feature A19 Chip, Single Rear Camera, Semi-Titanium Frame, and More

Wednesday July 24, 2024 9:06 am PDT by
Apple supply chain analyst Ming-Chi Kuo today shared alleged specifications for a new ultra-thin iPhone 17 model rumored to launch next year. Kuo expects the device to be equipped with a 6.6-inch display with a current-size Dynamic Island, a standard A19 chip rather than an A19 Pro chip, a single rear camera, and an Apple-designed 5G chip. He also expects the device to have a...
Read Full Article162 comments
iPhone 16 Pro Sizes Feature

iPhone 16 Series Is Less Than Two Months Away: Everything We Know

Thursday July 25, 2024 5:43 am PDT by
Apple typically releases its new iPhone series around mid-September, which means we are about two months out from the launch of the iPhone 16. Like the iPhone 15 series, this year's lineup is expected to stick with four models – iPhone 16, iPhone 16 Plus, iPhone 16 Pro, and iPhone 16 Pro Max – although there are plenty of design differences and new features to take into account. To bring ...
Read Full Article130 comments
icloud private relay outage

iCloud Private Relay Experiencing Outage

Thursday July 25, 2024 3:18 pm PDT by
Apple’s iCloud Private Relay service is down for some users, according to Apple’s System Status page. Apple says that the iCloud Private Relay service may be slow or unavailable. The outage started at 2:34 p.m. Eastern Time, but it does not appear to be affecting all iCloud users. Some impacted users are unable to browse the web without turning iCloud Private Relay off, while others are...
Read Full Article82 comments

Top Rated Comments

lifeinhd Avatar
lifeinhd
149 months ago
What application are you running that computationally requires Java in the browser in order to run? :confused:

What are you doing to convey to the software vendor that it is urgent to upgrade their service to eliminate the need for Java in the browser?
I had a client who called me the other week because the site she used to manage her real estate would no longer work on her Mac. Turns out it used Java, and Apple had disabled Java earlier that day.

You can argue all day long that Java/Flash/plugins shouldn't be necessary, but it doesn't change the fact that remotely disabling stuff with no opt-out or even warning is NOT okay.
Score: 7 Votes (Like | Disagree)
FloatingBones Avatar
FloatingBones
149 months ago
uNless you actually need java, like some people- myself included.
Agreed. Same here.
What application are you running that computationally requires Java in the browser in order to run? :confused:

What are you doing to convey to the software vendor that it is urgent to upgrade their service to eliminate the need for Java in the browser?
Score: 5 Votes (Like | Disagree)
Jaymes Avatar
Jaymes
149 months ago
What application are you running that computationally requires Java in the browser in order to run? :confused:

What are you doing to convey to the software vendor that it is urgent to upgrade their service to eliminate the need for Java in the browser?

Have you ever worked in an enterprise environment? Java is widespread, because it is cross-platform. You only have to right software once, and it will work on Mac, Windows, mobile phone, an ATM, whatever. That's part of the reason people try to compromise it so often.

Unless Oracle somehow self-destructs, Java isn't going away anytime soon. Heck, even CrashPlan Pro (the supposed gold standard in Mac backup that Apple uses on 27,000 of its campus computers) uses a Java client to run. That's right - read it: Apple uses Java on nearly every desktop computer on their campus.
Score: 4 Votes (Like | Disagree)
FloatingBones Avatar
FloatingBones
149 months ago
What application are you running that computationally requires Java in the browser in order to run? :confused:
Banking.
Finance.
You don't understand the question. I'll rephrase: what is it about banking and finance that requires the computation be performed with Java in the browser?

As far as we can tell, it's simply a matter of complacency and laziness that is leaving your site with the risky implementation. You seem to not realize: apathy by businesses like yours is what is keeping this problem in place.

Are you perhaps hoping that Java will someday be secure?
Score: 4 Votes (Like | Disagree)
Yvan256 Avatar
Yvan256
149 months ago
The safest way is still to uncheck the "Enable plug-ins" and "Enable Java" options in Safari.
Score: 4 Votes (Like | Disagree)
iDuel Avatar
iDuel
149 months ago
Wait? People still use safari?

Buggiest browser I've ever used. Prefer Firefox and Chrome thanks.

Some of us prefer having complete integration with the OS. Plus, I haven't experienced any show stopping bugs while using Safari.
Score: 3 Votes (Like | Disagree)
Read All Comments