Vulnerability Management

Apple blocks outdated Flash plug-ins to ward off Rosetta Flash attacks

Vulnerabilities have prompted Apple to block outdated versions of Adobe Flash in Safari that can be exploited by the so-called Rosetta Flash tool, according to a security notice released by the company.

Adobe recently released Flash Player version 14.0.0.145 to fix the CVE-2014-4671 security vulnerability but Apple noted that out-of-date Rosetta Flash could be used to exploit the Flash plug-ins and expose sensitive user data.

The security alert said that updates to web plug-in blocking will block all plug-ins earlier than Flash Player 14.0.0145 and 13.0.0.231.

Apple warned users that if they're using an outdated plug-in, they may see messages such as  “'Blocked plug-in,' or ‘Flash Security Alert' or ‘Flash out-of-date' when attempting to view Flash content in Safari.”

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.