Late Thursday, Apple issued a security warning saying it has blocked old versions of Adobe’s Flash Player from running in Safari. The company cited a recent security flaw that could allow the bad guys to harvest browser data.
As noted in an updated support document regarding the issue, Apple has taken action against a recently discovered Flash vulnerability by restricting plug-in access through its Safari Web browser.
Users who still have out-of-date plug-ins installed will receive a message saying, “Blocked plug-in,” “Flash Security Alert” or “Flash out-of-date” when they attempt to access Flash content in the Safari browser. When users click on the alert, they are taken to the Adobe Flash installer page, where they can download and install the latest version of the plug-in.
Adobe says the flaw can be found in Flash Player for Mac version 14.0.0.125 and earlier. A proof-of-concept exploit was demonstrated earlier this week by Google engineers Michele Spagnuolo. Adobe then advised Mac users to update to version 14.0.0.145. Windows and Linux builds of Flash were also vulnerable to the bug.