Did Snow Leopard Downgrade Your Adobe Flash, Security Too?
If you upgraded your Mac to run Snow Leopard, then you would be wise to double-check that it's still protected against security vulnerabilities.
If you upgraded your Mac to run Snow Leopard, then you would be wise to double-check that it's still protected against security vulnerabilities.After all, the last thing you would expect when you upgrade your operating system is that part of your security is downgraded without your knowledge.
But that's exactly what's happening with Mac OS X Snow Leopard and Adobe Flash.
As I explained on my blog on the Sophos Website, I was feeling pretty pleased with myself, obeying all of the rules and keeping my installation of Flash up-to-date. (At the time of writing the latest version is 10.0.32.18.)
So you can imagine my surprise when after installing Snow Leopard I discovered I had been downgraded to an earlier Flash version (10.0.23.1) containing security vulnerabilities -- and without a word of warning from Apple.
If you don't know which version of Adobe Flash you are running on your computer, then visit Adobe's Website and let the company perform a quick test.
In fact, Adobe will not only tell you which version of Flash you are running, but it will also tell you what version you should be running. And, of course, download the latest version directly from here.
There's an important lesson to be learned: Whenever you install a service pack or (in this case) an operating system upgrade, make sure to spend the time double-checking it hasn't secretly adjusted your security settings or rolled back some of your software.
A few minutes spent investigating that you still have all of your patches in place could save you a lot of heartache in the future.
Graham Cluley is senior technology consultant at Sophos, and has been working in the computer security field since the early 1990s. When he's not updating his other blog on the Sophos website, you can find him on Twitter at @gcluley. Special to Dark Reading.
Read more about:
2009About the Author
You May Also Like
DevSecOps/AWS
Oct 17, 2024Social Engineering: New Tricks, New Threats, New Defenses
Oct 23, 202410 Emerging Vulnerabilities Every Enterprise Should Know
Oct 30, 2024Simplify Data Security with Automation
Oct 31, 2024Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024