Apple: Flash Player Plug-in Blocked in Safari

• Derek Erwin
10 years ago
Categories: Security News
Tags: Apple, CVE-2014-4671, Flash Player, Plugin, Rosetta Flash, Safari

Apple has issued a security notice stating that the company has blocked outdated versions of Adobe Flash in Safari due to vulnerabilities. The move to block outdated Flash Player plug-ins comes after Adobe released Flash Player version 14.0.0.145 to push a fix that removes a security vulnerability (CVE-2014-4671), which could be exploited by using a tool called Rosetta Flash.

If the version of Adobe Flash plug-in you are using is out of date, you may see the message, “Blocked plug-in,” or “Flash Security Alert” or “Flash out-of-date” when attempting to view Flash content in Safari.

RELATED: How to Tell if Adobe Flash Player Update is Valid

According to Apple’s product security team, Apple blocked the Flash Player plug-in because outdated Adobe Flash versions are vulnerable to the Rosetta Flash attack scenario, which could expose a victims sensitive data:

Due to security issues in older versions, Apple has updated the web plug-in blocking mechanism to disable all versions prior to Flash Player 14.0.0145 and 13.0.0.231.

Mac, Windows and Linux users can find additional security information about the Adobe Flash Player 14.0.0.145 update here.