According to Sophos, users who upgrade to Snow Leopard are left with Adobe Flash Player Version 10.0.23.1, which is known to be susceptible to attacks.
Apple is pushing out an older, vulnerable version of Adobe Flash Player with its “Snow Leopard” operating system upgrade, according to Sophos.
Snow Leopard, aka Mac OS X 10.6, hit the streets on 28 Aug with much fanfare about promised performance improvements. Apple also generated some buzz by including a malware scanner in the mix to analyse downloads for two known Trojan families.
However, the updated operating system also includes a version of Adobe Flash Player that is vulnerable to several bugs. During the update process, Apple silently downgrades the latest version of Flash Player for Mac—Version 10.0.32.18—to Version 10.0.23.1, Sophos reported on 2 Sept.
“Mac users are not informed that Snow Leopard has downgraded their version of Flash without permission and that they are now exposed to a raft of potential attacks and exploits [that have targeted] Adobe’s software in recent months,” blogged Graham Cluley, senior technology consultant at Sophos.
Adobe, as Cluley pointed out, has become a popular target for attackers. August statistics from Trusteer showed that nearly 80 percent of the roughly 2.5 million users Trusteer scanned were running vulnerable versions of Flash.
“Adobe is the ‘new Microsoft’ when it comes to security vulnerabilities, with hackers targeting their software looking for vulnerabilities to exploit,” Cluley wrote in the blog post.
“If you’re not sure which version of Adobe Flash you have on your computer (whatever operating system you use), take 30 seconds to visit their Website,” he added. “Adobe will not only tell you what version of Flash you are running, they will also tell you what version you should be running.”
Apple did not respond to a request for comment about the issue.
SoftBank-owned UK chip design firm ARM Holdings to develop AI accelerator chips for data centres…
Aggressive hackers behind hacks on Las Vegas MGM and Caesars casinos launch new campaign as…
Lawyer for Australia's eSafety Commissioner says X wants to overrule government on what are 'reasonable'…
EV maker Zeekr, controlled by car giant Geely, valued at nearly $7bn as investors heartened…
Elon Musk says Tesla to spend more than $500m on charger network expansion this year,…
San Francisco judge says social media platforms such as X have no right to arbitrarily…