Vulnerability Management

Apple blocks outdated Flash plug-ins to ward off Rosetta Flash attacks

Vulnerabilities have prompted Apple to block outdated versions of Adobe Flash in Safari that can be exploited by the so-called Rosetta Flash tool, according to a security notice released by the company.

Adobe recently released Flash Player version 14.0.0.145 to fix the CVE-2014-4671 security vulnerability but Apple noted that out-of-date Rosetta Flash could be used to exploit the Flash plug-ins and expose sensitive user data.

The security alert said that updates to web plug-in blocking will block all plug-ins earlier than Flash Player 14.0.0145 and 13.0.0.231.

Apple warned users that if they're using an outdated plug-in, they may see messages such as  “'Blocked plug-in,' or ‘Flash Security Alert' or ‘Flash out-of-date' when attempting to view Flash content in Safari.”

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds