Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Snow Leopard Installation Downgrades Flash Player to Vulnerable Version

MacRumors

MacRumors

macrumors bot
Original poster
Apr 12, 2001
67,564
37,953


Antivirus firm Sophos reports that Mac OS X Snow Leopard ships with an outdated version of Flash Player that contains several security vulnerabilities patched in the most recent version of Flash Player that was released by Adobe on July 30th. Importantly, an upgrade installation of Snow Leopard over an existing Leopard installation containing an up-to-date Flash Player downgrades Flash to the earlier version with no warning to the user that it has done so.
Unfortunately during the course of that update (and unknown to you) Apple downgraded your installation of Flash to an earlier version (version 10.0.23.1), which is known not to be secure and is not patched against various security vulnerabilities.

The version you should be running is the latest version of Flash Player for Mac - 10.0.32.18.

Mac users are not informed that Snow Leopard has downgraded their version of Flash without permission, and that they are now exposed to a raft of potential attacks and exploits which have been targeted on Adobe's software in recent months.
Click to expand...
The report urges users to double check their Flash Player version and upgrade to version 10.0.32.18 if necessary in order to be sure that they have up-to-date protection against security threats.

Article Link: Snow Leopard Installation Downgrades Flash Player to Vulnerable Version
 
Article Link
https://www.macrumors.com/2009/09/03/snow-leopard-installation-downgrades-flash-player-to-vulnerable-version/
In my view this is a minor issue as it's really up to the end user to ensure that they have the latest patched versions of third-party software.
 
Snow Leopard { I currently have Unibody Macbook 2.4 GHz}

How is snow Leopard? Is it worth the upgrade?
 
big deal! I just updated to the latest version, didn't take more than 15 seconds.
It's not apples responsibility to make sure everyone is running with the latest version of this and that software, people should learn to update their crap themselves.
 
I didn't realize that my flash player does not update itself. Kind of a hassle to remember to do that periodically
 
MACdaddy859 said:
How is snow Leopard? Is it worth the upgrade?
Click to expand...

Absolutely not. I purchased it along with a brand new Mac Pro. I was using Leopard for about a week until Snow came in. Nothing but beauty from Leopard, with Snow- nothing but problems.
-cannot access PowerPoint
-shuts down randomly and restarts
-cannot link with Network server adequately
-Illustrator does this weird graphics thing if I nudge an item

Individually nothing serious, but overall, sucks ass. DO NOT BUY SNOW LEOPARD.
At least til they figure out their issues.
 
NSK123 said:
big deal! I just updated to the latest version, didn't take more than 15 seconds.
It's not apples responsibility to make sure everyone is running with the latest version of this and that software, people should learn to update their crap themselves.
Click to expand...

But it was Apple's job to DOWNGRADE your Flash player?

It's not like Apple is some stupid company that didn't know how to check if your Mac is running certain versions of Flash or any other software. Apple obviously did this for a reason.

How is snow Leopard? Is it worth the upgrade?
Yes, my MacBook Pro is significantly faster on everything (I timed stuff with Leopard too).
-Apps launch close to instantly (they allows took 4-6 bounces in Leopard).
-Faster Startup/Shutdown/Sleep/Wake
-Better response in apps

Snow Leopard was well worth $29; it's what Leopard should have been. Also, if you have Exchange- you NEED this.
 
NSK123 said:
big deal! I just updated to the latest version, didn't take more than 15 seconds.
It's not apples responsibility to make sure everyone is running with the latest version of this and that software, people should learn to update their crap themselves.
Click to expand...

And what about the people who have already upgraded but have now been silently downgraded???

This is an Apple Mistake, not end users.
 
The Razor said:
Absolutely not. I purchased it along with a brand new Mac Pro. I was using Leopard for about a week until Snow came in. Nothing but beauty from Leopard, with Snow- nothing but problems.
-cannot access PowerPoint
-shuts down randomly and restarts
-cannot link with Network server adequately
-Illustrator does this weird graphics thing if I nudge an item

Individually nothing serious, but overall, sucks ass. DO NOT BUY SNOW LEOPARD.
At least til they figure out their issues.
Click to expand...

And of course, you've done exhaustive testing to discover that Snow Leopard is the cause of these problems.

Get real, kid. :rolleyes:
 
Flash is a nightmare, regardless of what version, on OSX. Installing ClickToFlash has probably been a better upgrade for me so far than SnowLeopard!* No more do I see Safari with about 20 tabs open hogging a ridiculous amount of CPU cycles, as all the awful Flash elements in sites I don't want anyway are now blocked. I've also set it to use h.264 for Youtube, but the beta (which is the only version that works on SL) seems to autoload videos now. I'm sure that didn't happen on the stable/10.5

Adobe need to take a leaf out of Apple's book and make CS5 a '0 new features' release at a minimum cost, and give OSX users a decent release of their software. Everything about CS4, even the installer, feels like a PC port. Apple users have been huge supporters of Adobe through the years and deserve some better treatment. Flash is only the (awful) tip of a (huge) iceberg. It's beyond me that some iPhone owners actually want this awful thing on their handsets...

* Not to put down SL in any terms, I thought it was a good update before I read the ARS Tech 23 page review, now I *know* it is! :)
 
Funnily enough, after installing Snow Leopard I found flash movie playback to be terrible with lots of stuttering. I replaced the flash plug-ins from Leopard from my Time Machine backup.

So does that mean I've actually installed a newer version of the plug-ins supplied by Snow Leopard, but going back to my Leopard plug-ins?

Weird.
 
amac4me said:
In my view this is a minor issue as it's really up to the end user to ensure that they have the latest patched versions of third-party software.
Click to expand...

Even this is forgiven when it's Apple, but had it been MS people would have gone mad. Do you not understand what this means? This means that 3rd party software is PURPOSEFULLY downgraded by the installer, without checking the version number first. Smells like an Apple hates Macromedia thing to me, as I am fairly certain the installer checks the version number of every other piece of software before downgrading it.

I think Apple wanted these news. You people will just turn them to "Flash being unsafe, thank you Apple". It's a conspiracy!
 
Yes, Flash is a mess and embarrassing. A true disgrace, the mother-in-law to the CPU. But you can just upgrade.
 
NSK123 said:
big deal! I just updated to the latest version, didn't take more than 15 seconds.
It's not apples responsibility to make sure everyone is running with the latest version of this and that software, people should learn to update their crap themselves.
Click to expand...


Unbelievable. A total Cupertino brainwash. Impressive.
 
it probably upgraded mine, i don't think i've upgraded it in a year. But I agree it should have been checked before downgrading or just left alone all together.
 
JayX said:
Flash is a nightmare, regardless of what version, on OSX. Installing ClickToFlash has probably been a better upgrade for me so far than SnowLeopard!* No more do I see Safari with about 20 tabs open hogging a ridiculous amount of CPU cycles, as all the awful Flash elements in sites I don't want anyway are now blocked. I've also set it to use h.264 for Youtube, but the beta (which is the only version that works on SL) seems to autoload videos now. I'm sure that didn't happen on the stable/10.5

Adobe need to take a leaf out of Apple's book and make CS5 a '0 new features' release at a minimum cost, and give OSX users a decent release of their software. Everything about CS4, even the installer, feels like a PC port. Apple users have been huge supporters of Adobe through the years and deserve some better treatment. Flash is only the (awful) tip of a (huge) iceberg. It's beyond me that some iPhone owners actually want this awful thing on their handsets...

* Not to put down SL in any terms, I thought it was a good update before I read the ARS Tech 23 page review, now I *know* it is! :)
Click to expand...

You have really bought Apple's side of the coin, haven't you? Flash is a fantastic product that has delivered so much for the Internet as we know it today.

However, there is a dispute between Apple and Macromedia, so that is the reason for Flash hogging a bit too much resources on the Mac. Flash in itself is a good product but you have really bought into Apple's campaign of making Macromedia and Flash look bad.
 
Whether or not it was Apple's responsibility to make sure third-party support like Flash was correct, it's an easy fix, and obviously there's an intelligent enough community of users who spotted the error and let everyone know. Small potatoes in my opinion.
 
I upgraded a few days ago, as I found a flash website that didn't work under SL that did under leopard directly before the upgrade.
It was chance that I found this, flash is more stable with the newer version. THis is a really really bad move by apple. I hope they issue some sort of security update or /something/ to address this, despite it being 3rd party, because it's their fault and they need to correct it. I keep my software up to date regulary, but would have missed this if not by chance/this article
 
Tommigun said:
You have really bought Apple's side of the coin, haven't you? Flash is a fantastic product that has delivered so much for the Internet as we know it today.

However, there is a dispute between Apple and Macromedia, so that is the reason for Flash hogging a bit too much resources on the Mac. Flash in itself is a good product but you have really bought into Apple's campaign of making Macromedia and Flash look bad.
Click to expand...
Ummmm, no. Flash is a horrible resource hog on all platforms, but it's exacerbated even further in OS X.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back