Version 11.3 of Adobe’s Flash Player, due in June, will provide the same silent update feature currently available to Windows users to those running OS X. In addition, Adobe will also offer a new security enhancement to Firefox called protected mode.
Last Friday, Adobe issued a fix for a vulnerability in Flash Player that was being actively targeted. The attacks focused on Windows users and spread via malicious emails. Symantec reported that it had seen many examples of the targeted attacks in the wild, adding that they’ve been aimed at multiple targets across manufacturers of products used by the defense industry.
Windows users, who activated the silent update feature when it arrived bundled with a patched back in March, didn’t need to worry about Friday’s release. They got it automatically.
Now, when Flash Player 11.3 hits the Web in June, Mac users will be offered the same update assurance. By default, silent updates are enabled in version 11.3, but users and opt to turn them off if they wish and receive visual update notifications.
Another improvement set to ship with Flash Player 11.3 will layer defenses within Mozilla’s Firefox browser. Called Protected Mode, the feature is comparable to the Protected Mode within Google’s Chrome, Adobe’s Reader, and Office 2010’s Protected View.
“Flash Player Protected Mode is a new security enhancement designed to limit the impact of attacks launched from malicious SWF files against Adobe Flash Player when running in Firefox 4.0+ on Windows Vista and higher,” Adobe explains.
“Protected Mode is enabled by default whenever you view Flash Player files in Firefox, reducing the risk of potential security threats on client systems via persistent malware. When Protected Mode is on, Flash Player files are displayed in a restricted environment called a sandbox.”
The downside is that Protected Mode may cause compatibility issues on some websites, nevertheless Adobe recommends that it remain enabled at all times.
Those who want to test Flash Player 11.3 before its release can download it here.
More from Steve Ragan
- Anonymous Claims Attack on IP Surveillance Firm Brickcom, Leaks Customer Data
- Workers Don’t Trust Employers with Personal Data: Survey
- Root SSH Key Compromised in Emergency Alerting Systems
- Morningstar Data Breach Impacted 184,000 Clients
- Microsoft to Patch Seven Flaws in July’s Patch Tuesday
- OpenX Addresses New Security Flaws with Latest Update
- Ubisoft Breached: Users Urged to Change Passwords
- Anonymous Targets Anti-Anonymity B2B Firm Relead.com
Latest News
- Johnson Controls Ransomware Attack Could Impact DHS
- Unpatched Exim Vulnerabilities Expose Many Mail Servers to Attacks
- CISA Kicks Off Cybersecurity Awareness Month With New Program
- Recently Patched TeamCity Vulnerability Exploited to Hack Servers
- Silverfort Open Sources Lateral Movement Detection Tool
- Bankrupt IronNet Shuts Down Operations
- AWS Using MadPot Decoy System to Disrupt APTs, Botnets
- Generative AI Startup Nexusflow Raises $10.6 Million
