Adobe Flash Player 10.1.53.64 Blocks 32 Security Holes
As Rich Mogull explained in “Security News: Flash Attacked, iPhone Exposed, Spyware Discovered” (7 June 2010), Adobe Flash suffered from a serious security vulnerability that had been exploited in the wild. Initially, the only way to protect yourself was to download the Flash 10.1 Release Candidate, but Adobe has now officially released Flash Player 10.1.53.64 to address 32 different security holes. Adobe has also released Adobe AIR 2.0.2.12610 to fix the same problems. You can read more about the updates in Adobe’s security advisory, but suffice it to say, we recommend you upgrade now.
To determine what version of Flash Player you’re running, visit the About Flash Player page (although, realistically, it’s unlikely that you’re up to date), and then head over to the Adobe Flash Player Download Center to download the latest version. You’ll get a disk image with an installer to run; you need to quit all running Web browsers before you click the Install button.
Figuring out what version of Adobe AIR is installed on your system (you’d have Adobe AIR installed if you use TweetDeck, or another Adobe AIR-based program) is annoyingly difficult; you have to look for the CFBundleVersion entry inside the Info.plist file stored at:
/Library/Frameworks/Adobe AIR.framework/Versions/1.0/Resources/
That’s craziness, of course, so if you’re using Adobe AIR at all, I’d recommend just downloading a new version from the Adobe AIR Download Center.
In the whole dustup between Apple and Adobe surrounding Apple’s decision to keep Flash out of the iOS, little has been said about how the addition of Flash would increase the security vulnerability of the entire platform. Situations like this, where Flash Player had critical vulnerabilities that were being exploited in the wild for some time before a fix was available, clearly support Apple’s position.
Oops--RC was indeed 10.1.53.64--the about page just shows 10.1 as the version we should have.
Previously, I asked: Did Adobe reissue 10.1 RC 7 as 10.1, or did they fail to change the full version from 10.1 RC 7's value of 10.1.53.64
I suspect the latter - it was a release candidate, after all. But I don't know for sure.
To view the version of a framework such as Adobe AIR, launch the System Profiler (option-Apple Menu > System Profiler).
Then select Software > Frameworks.
Much easier and more life-improving option: Use ClickToFlash in Safari, and/or a Firefox Flash blocker if you use Firefox.
http://clicktoflash.com/
I had installed Flash Player 10.1 Gala, uninstalled it with Adobe's Flash uninstaller, and then installed the new Flash Player 10.1. Now Safari 5 tells me "Missing Plug-In" when I try to open a flash video. What could be the problem?
I have no problem opening flash videos in Firefox 3.6.3.
Please disregard my previous message. Flash 10.1 works on Safari 5. The problem I had seems to be related to some other medium.