Apple's Snow Leopard upgrades Mac OS X, downgrades Flash
While Snow Leopard makes a number of improvements to Apple's Mac OS X machines, for those who have kept Adobe Flash up to date, installing the new operating system will reportedly downgrade the software.
According to antivirus company Sophos, Snow Leopard installs version 10.0.23.1 of Flash for Mac, a security downgrade from the most up-to-date version, 10.0.32.18. Senior Technology Consultant Graham Cluley said the change is made without prompting the user. He called the move "pretty bad."
"I realize how much malware is out there," he said. "But after upgrading to Snow Leopard, when I went to Adobe's Web site, what it actually told me was I had actually downgraded. I was no longer running the latest version of Adobe Flash."
As hackers have targeted Adobe's Flash player for browser-based vulnerabilities, the company has responded, like Microsoft, by releasing regular security updates for its software. Users can check what version number they're running and download updates at Adobe's Web site.
"Mac users who have been diligent enough to keep their security up-to-date do not deserve to be silently downgraded," Cluley said. "We know that hackers keep finding security holes in Adobe's code - and that's deeply concerning because it is so widely used by many Internet users, whether on Mac or PC."
In an effort to beef up security protection, Apple included limited malware protection in its latest operating system. Though the feature only scans files for two Trojans out of the box, the basic defender could be upgraded over time to protect against other potential threats.
According to antivirus company Sophos, Snow Leopard installs version 10.0.23.1 of Flash for Mac, a security downgrade from the most up-to-date version, 10.0.32.18. Senior Technology Consultant Graham Cluley said the change is made without prompting the user. He called the move "pretty bad."
"I realize how much malware is out there," he said. "But after upgrading to Snow Leopard, when I went to Adobe's Web site, what it actually told me was I had actually downgraded. I was no longer running the latest version of Adobe Flash."
As hackers have targeted Adobe's Flash player for browser-based vulnerabilities, the company has responded, like Microsoft, by releasing regular security updates for its software. Users can check what version number they're running and download updates at Adobe's Web site.
"Mac users who have been diligent enough to keep their security up-to-date do not deserve to be silently downgraded," Cluley said. "We know that hackers keep finding security holes in Adobe's code - and that's deeply concerning because it is so widely used by many Internet users, whether on Mac or PC."
In an effort to beef up security protection, Apple included limited malware protection in its latest operating system. Though the feature only scans files for two Trojans out of the box, the basic defender could be upgraded over time to protect against other potential threats.
Comments
While Snow Leopard makes a number of improvements to Apple's Mac OS X machines, for those who have kept Adobe Flash up to date, installing the new operating system will reportedly downgrade the software.
According to antivirus company Sophos, Snow Leopard installs version 10.0.23.1 of Flash for Mac, a security downgrade from the most up-to-date version, 10.0.31.18. Senior Technology Consultant Graham Cluley said the change is made without prompting the user. He called the move "pretty bad."
"I realize how much malware is out there," he said. "But after upgrading to Snow Leopard, when I went to Adobe's Web site, what it actually told me was I had actually downgraded. I was no longer running the latest version of Adobe Flash."
As hackers have targeted Adobe's Flash player for browser-based vulnerabilities, the company has responded, like Microsoft, by releasing regular security updates for its software. Users can check what version number they're running and download updates at Adobe's Web site.
"Mac users who have been diligent enough to keep their security up-to-date do not deserve to be silently downgraded," Cluley said. "We know that hackers keep finding security holes in Adobe's code - and that's deeply concerning because it is so widely used by many Internet users, whether on Mac or PC."
In an effort to beef up security protection, Apple included limited malware protection in its latest operating system. Though the feature only scans files for two Trojans out of the box, the basic defender could be upgraded over time to protect against other potential threats.
But you forgot the apple has sand-boxed all plugins in Safari for snow leopard so that eliminates the vulnerabilities that recent hackers have been finding in Flash
Way to make a big deal over nothing. Apple's not perfect. Just download the new version and forget about it.
Get a grip.
Big deal.
Graham Cluley is a British computer programmer and 'Senior Technology Consultant ' at Sophos. So some antivirus outfit is rendering their opinion on the matter. Time to tune out.
Surely the newer version was released after Apple sent Snow Leopard to GM and had the ROMs mastered? If that is the case what do you expect Apple to do, send you a separate disc with a Flash installer on?
Get a grip.
Plus the first thing you should do anyway after you update your OS is look for third party updates.
IMHO the downgrade was a must, I didn't know they had done it, and I am actually incredibly grateful.
My laptop was running super hot and sucking down battery on SL, and the flash plugin was the culprit.. Weird as it did not behave like that in 10.5 - however I have installed Click2Flash - and that is a fantastic little extension (and fully compliant as a Safari Plugin under 10.6).. Machine runs great now, and I am not bombarded with stupid flash ads! Web browsing is super smooth now... I really recommend it...
The best Flash upgrade is to disable Flash completely.
Exactly. Turn it off. TURN IT OFF!
Goodbye annoying banner ads....
is that a GIF? sunnnovab....
As far as I remember, the latest version of Flash Player was released in the first week of August. And since 10.6 was released on 28th of August, I do not think Apple had enough time to upgrade to the latest version. Could be a reason?
I think it's the most likely reason, the installer clobbered the new one with the one included with the OS. The one on the disc was probably tested pretty reasonably well to at least be compatible.
Exactly. Turn it off. TURN IT OFF!
Goodbye annoying banner ads....
is that a GIF? sunnnovab....
I can't completely live without Flash, not happy to have to use it, but thankfully there are plenty of plug-ins available to allow selective flash execution. I don't know about the Safari ones, but FlashBlock for Firefox allows site whitelisting too.
Graham Cluley is a British computer programmer and 'Senior Technology Consultant ' at Sophos.
he's actually in their marketing dept, as I understand it.
I mean, get real. The security updates between those two versions were probably minimal anyway, or it would have been enough reason to make it a 10.1.xx.xx. Besides, Apple had already GM-ed SL before the newest version was released in all likeliness. So you have to go and upgrade, BFD. As another poster said, you should upgrade all third-party apps after installing a new OS anyway...