• Your favorite

    Apple

    ,

    iPhone

    ,

    iPad

    ,

    iOS

    ,
    Jailbreak
    , and
    Cydia
    site.
  • Apple Claims 55 Flash Vulnerabilities Fixed in 10.6.5


    Of the 131 security issues noted as resolved by the new Mac OS X 10.6.5 update, more than half are fixes to third party software, with the overwhelming majority of those having to do with Flash. However, the way Apple fixed the Flash vulnerabilities was just by upgrading the Flash Player plug-in to the latest version, not by making any changes to Mac OS X itself.

    The Knowledgebase article about the update lists 55 security vulnerabilities related to Flash Player, 16 having to do with X11, nine about the QuickTime player, one about Safari, and five about specific features in Mac OS X Server that are not present in the desktop version. Another 45 had to do with components of Mac OS X, including updates to the AFP network protocol providing new validation and error signaling, and a fix to the password server to prevent users from logging in with outdated passwords. CoreText and CoreGraphics have also been tweaked to improve handling of a previously-fixed security flaw related to malicious PDF files.

    The fact that there were so many identified security issues in the version of Flash Player used in 10.6.4 lends credence to Apple's explanation that the reason MacBook Airs did not ship with the plug-in installed was so that users could download the more secure version themselves. Tests of the new lightweight notebook with Flash installed did show much increased battery consumption, though, and some observers felt the omission had more to do with Apple being able to meet its claims of six-hour battery life. Adobe's chief technology officer Kevin Lynch complained of Apple's "negative campaigning" in an interview with Fast Company magazine, and called Apple's rejection of Flash a "blockade of certain types of expression."

    Security Update 2010-007 for Mac OS X 10.5 was also released at the same time as Mac OS X 10.6.5, providing many of the same fixes as well as additional patches to Leopard users. The upgrades are available via Software Update, or by direct download from the Apple Support site.

    Source: AppleInsider
    This article was originally published in forum thread: Apple Claims 55 Flash Vulnerabilities Fixed in 10.6.5 started by Paul Daniel Ash View original post
    Comments 29 Comments
    1. Cer0's Avatar
      Cer0 -
      Nah Flash is a beast of security risks. They may have just fixed ways that the vulnerabilities that Flash has from creeping out to the OS. So Flash could still have them but the OS stops them before the leak out to the rest of the OS.
    1. awesomeSlayer's Avatar
      awesomeSlayer -
      Quote Originally Posted by Zokunei View Post
      I know. But Apple's thing is "Macs don't get *cough Windows cough* viruses." And if you dump IE and turn off Internet history, you don't get any viruses.
      Dump the internet and you'll never have viruses.

      That is a lot of fixing. Now, I hate Flash even more on my Mac for the vulnerabilities.
    1. VBLUE42's Avatar
      VBLUE42 -
      Quote Originally Posted by rocky5 View Post
      I hate this, windows has viruses, only if you download them just like mac osx pirated copie, they come with viruses.
      If there were none then why the hell do you get antivirus software for a mac?

      Also I would like to see the vunranilities, as jobs will do anything to discredit Flash as to hype up HTML5.

      You only get viruses buy downloading them period.

      You don't get them by browsing the web, you could get malware by browsing the net.

      Apple fanboys go do your reserch before jumping on the windows hate wagon.

      As

      Ok PC fanboy, I can download pirated Mac software all day long and never get a virus alert. Maybe you should do your research. The point is that there are viruses out there for the Mac now, but it is on an order of magnitude far less then on your PC. Most Mac users will never even get an infection when there is one. PC people here it on CNN when there is a mass Windows infection.
    1. zplit's Avatar
      zplit -
      Quote Originally Posted by GreggSymington View Post
      Against Windows' 999,999,999,999,999,999,999 etc.
      lmaoooooooo
    1. rhekt's Avatar
      rhekt -
      The only virus/Trojan/spyware i have EVER scanned on my Mac came from a security app i downloaded onto my iPhone from Cydia. Intego and Macscan ensure this is accurate. So i guess this means my Mac never has. Just my iPhone.

      Quote Originally Posted by Cer0 View Post
      I love Little Snitch. One of those must have apps for OSX.
      +1 best
    1. recognition's Avatar
      recognition -
      Quote Originally Posted by rocky5 View Post
      I just realised that this is bull with Apple how can they fix flash if flash is a stand along addin to osx.

      What Apple really mean is they have fixed problems with there OS that allows vulnerabilities to be had when flash is installed.

      Apple are really good with there PR and wording stuff to go on there favour.

      For flash to be fixed or modified in any way would mean Adobe would need to do it, as apple always say flash isn't open it's proprietary. (so they don't have access to the source to fix ****)
      Did you not read the article?!

      It clearly says how Apple fixed this was by upgrading flash to the latest version.
    1. rocky5's Avatar
      rocky5 -
      Quote Originally Posted by recognition View Post
      Did you not read the article?!

      It clearly says how Apple fixed this was by upgrading flash to the latest version.
      yes, but the thread title implies that Apple fixed them not Adobe, it should have been Adobe Fixed 55 vulnerabilities in Flash.

      All this thread does is start another Flash is ****, HTML5 rules!, I was just merely pointing out that Apple cannot fix anything in flash unless Adobe make it open source.

      and how good Apple are at making/wording headlines.
    1. recognition's Avatar
      recognition -
      Quote Originally Posted by rocky5 View Post
      yes, but the thread title implies that Apple fixed them not Adobe, it should have been Adobe Fixed 55 vulnerabilities in Flash.

      All this thread does is start another Flash is ****, HTML5 rules!, I was just merely pointing out that Apple cannot fix anything in flash unless Adobe make it open source.

      and how good Apple are at making/wording headlines.
      Maybe it should of read,

      'Apple have claimed that in 10.6.5, 55 Flash vulnerabilities have been fixed (that were present in 10.6.4) by upgrading the flash plug-in to the latest version'

      but thats a bit long winded for a headline...
    1. metaldood's Avatar
      metaldood -
      Quote Originally Posted by Antman217 View Post
      I hope more sites update to HTML 5 soon. Currently I only need two more sites that I visit to update to HTML 5 and I can uninstall flash. Btw if u uninstall flash will that mean less ads?
      No that will mean more ads in HTML 5.


      And no way to block HTML 5 ads with Adblocker