Adobe Issues Critical Security Update for Flash Player on Mac

Friday February 17, 2017 5:51 AM PST by Joe Rossignol
Adobe this week released Flash Player version 24.0.0.221 to "address critical vulnerabilities that could potentially allow an attacker to take control of the affected system," including Mac, Windows, Linux, and Chrome OS.

Mac users with Flash Player version 24.0.0.194 or earlier installed should immediately update to the latest version using the built-in update mechanism. The update is also available from the Adobe Flash Player Download Center.

Flash Player users who had enabled the option to "allow Adobe to install updates" will receive the update automatically. Likewise, Google Chrome will automatically update Flash Player to version 24.0.0.221. Select "About Google Chrome" under the Tools menu to verify the browser is up-to-date.

Adobe said the critical security update resolves integer overflow, memory corruption, type confusion, heap buffer overflow, and use-after-free vulnerabilities that could lead to code execution. The vulnerabilities were reported by security teams from Google, Microsoft, Palo Alto Networks, and Trend Micro.

Safari on macOS Sierra deactivates Flash by default, only turning on the plug-in when user requested. Chrome, Firefox, and most other modern web browsers also have web plug-in safeguards in place due to repeated security risks. Adobe has released fifteen Flash Player security updates over the past year.

In 2010, Apple co-founder Steve Jobs shared his "Thoughts on Flash," in which he favored open web standards such as HTML5 over Adobe Flash. Jobs said Flash Player was "the number one reason Macs crash," while criticizing its performance on mobile devices. "Flash was created during the PC era – for PCs and mice," he opined.

Tags: security, Adobe Flash Player, Adobe
96 comments

Top Rated Comments

(View all)
Avatar
Oblivious.Robot
38 months ago
A few years back, I took an advice of a macrumors memeber and removed Flash. Now I don't remember who it was, but thank you!
Rating: 29 Votes
Avatar
DCJ001
38 months ago
I am really glad that I uninstalled Flash years ago.

Steve Jobs was correct:

http://www.apple.com/hotnews/thoughts-on-flash/
Rating: 19 Votes
Avatar
decimortis
38 months ago
I wish I could join the Uninstalled Flash party, but I need the bloody thing for some rather archaic services I use at work. Maybe one day. Maybe.
Rating: 13 Votes
Avatar
H2SO4
38 months ago
I can see this thread is going to be full of the same old people who don't use it moaning about how they don't use it ad nauseum. For the rest of us we are glad that at least Adobe are providing regular updates.
Rating: 12 Votes
Avatar
nwcs
38 months ago
I'm amazed at how many places still require flash even today. They probably outsourced the stuff years ago and can't/won't pay for an update to anything modern. Little do they know they're opening themselves up to huge security holes themselves. Probably already are and still don't know it.
Rating: 10 Votes
Avatar
Mac-lover3
38 months ago

I wish I could join the Uninstalled Flash party, but I need the bloody thing for some rather archaic services I use at work. Maybe one day. Maybe.

Well a thing you could do is use chrome for those tasks but use safari for all the rest.
Rating: 7 Votes
Avatar
silvetti
38 months ago
Just don't install it and keep Chrome as a side-browser (if Safari is your main one).
Then you use Chrome's native Flash plugin which I trust more.
Rating: 6 Votes
Avatar
Michaelgtrusa
38 months ago
Removed long ago.
Rating: 6 Votes
Avatar
daanodinot
38 months ago
The best security update is not having Flash installed.
Rating: 6 Votes
Avatar
meteoreos
38 months ago
It's so annoying that some online streaming services in the UK (looking at you, BT Sport) still require flash.
Rating: 5 Votes
[ Read All Comments ]