Version 11.3 of Adobe’s Flash Player, due in June, will provide the same silent update feature currently available to Windows users to those running OS X. In addition, Adobe will also offer a new security enhancement to Firefox called protected mode.
Last Friday, Adobe issued a fix for a vulnerability in Flash Player that was being actively targeted. The attacks focused on Windows users and spread via malicious emails. Symantec reported that it had seen many examples of the targeted attacks in the wild, adding that they’ve been aimed at multiple targets across manufacturers of products used by the defense industry.
Windows users, who activated the silent update feature when it arrived bundled with a patched back in March, didn’t need to worry about Friday’s release. They got it automatically.
Now, when Flash Player 11.3 hits the Web in June, Mac users will be offered the same update assurance. By default, silent updates are enabled in version 11.3, but users and opt to turn them off if they wish and receive visual update notifications.
Another improvement set to ship with Flash Player 11.3 will layer defenses within Mozilla’s Firefox browser. Called Protected Mode, the feature is comparable to the Protected Mode within Google’s Chrome, Adobe’s Reader, and Office 2010’s Protected View.
“Flash Player Protected Mode is a new security enhancement designed to limit the impact of attacks launched from malicious SWF files against Adobe Flash Player when running in Firefox 4.0+ on Windows Vista and higher,” Adobe explains.
“Protected Mode is enabled by default whenever you view Flash Player files in Firefox, reducing the risk of potential security threats on client systems via persistent malware. When Protected Mode is on, Flash Player files are displayed in a restricted environment called a sandbox.”
The downside is that Protected Mode may cause compatibility issues on some websites, nevertheless Adobe recommends that it remain enabled at all times.
Those who want to test Flash Player 11.3 before its release can download it here.
