TMCnet News

Snow Leopard upgrade leads to Adobe Flash security downgrade, warns Sophos
[September 03, 2009]

Snow Leopard upgrade leads to Adobe Flash security downgrade, warns Sophos


(M2 PressWIRE Via Acquire Media NewsEdge) IT security and data protection firm Sophos has this morning issued a security warning to Mac users upgrading to Apple's new Snow Leopard OS.

Those who choose to upgrade to Mac's latest operating system could find themselves exposed to security threats that they thought they had already patched against.

Mac users are not informed that Snow Leopard discreetly downgrades their version of Flash without permission. As a result, the version shipped with Snow Leopard (and which you are downgraded to) is inherently insecure and leaves users exposed to a raft of potential attacks and exploits which have been targeted on Adobe's software in recent months.



Graham Cluley, senior technology consultant at Sophos, has created a short video to demonstrate the security issue - http://www.youtube.com/watch?v=U20NaKiF3Ds In the video, Cluley urges Mac users who have upgraded to Snow Leopard to double-check that their version of Adobe Flash is current and - if not - update it immediately from http://get.adobe.com/flashplayer/ "This should be done as a matter of priority," explained Cluley. "Mac users who have been diligent enough to keep their security up-to-date do not deserve to be silently downgraded. In many ways, Adobe is 'the new Microsoft' when it comes to security vulnerabilities, with hackers targeting its code looking for ways to infect users. That's deeply concerning because it is so widely used by many internet users, whether on Mac or PC." "Adobe has acknowledged that previous versions of Flash should not be used for security reasons, but Apple is switching users from the version that is considered current to this old one. It's vital, therefore, that users ensure they are running the latest version - and that, in the future, operating system manufacturers do not reduce their customers' level of security without warning," Cluley added.

Further insight into this security issue can be found at Graham Cluley's blog - http://www.sophos.com/blogs/gc/g/2009/09/02/apple-ships...


- Graham Cluley's YouTube video available to be embedded into other websites.

- A short statement from Adobe on this issue can be found at http://blogs.adobe.com/psirt/2009/09/flash_player_update_and_snow_l.html About Sophos More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs-a global network of threat intelligence centres. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.

Sophos is headquartered in Oxford, UKand Boston, US.

((Comments on this story may be sent to info@m2.com)) (c) 2009 M2 COMMUNICATIONS

[ Back To TMCnet.com's Homepage ]