Adobe patches critical Flash bugs, ships sandboxed plug-in for Firefox

Also delivers silent updater for OS X, readies Flash for Mountain Lion

1 2 Page 2
Page 2 of 2

A sandbox isolates processes on the computer, preventing, or at least hindering, hackers trying to exploit an unpatched vulnerability, escalate privileges and push malware onto the machine.

Adobe first sandboxed Flash Player for Google's Chrome in late 2010 after working with Google engineers; the sandboxed plug-in for Firefox came after similar cooperation from Mozilla engineers, Adobe said several months ago.

The Mac background updater debuted just over a month ago in a beta version of Flash Player 11.3, but went final today. The tool is identical to the Windows version, which Adobe launched in March: It pings Adobe's servers every hour until it gets a response. If it reaches Adobe and finds no ready update, the tool re-checks the servers 24 hours later. Found updates, however, are applied entirely in the background, and do not display notices on the screen or require the user to take any action.

By default, Flash 11.3 has silent updates switched on for OS X users, but they can change the setting to continue to receive on-screen alerts, or more dangerously, decline all updates.

Adobe has also prepared Flash Player for the release of Apple's next desktop operating system, Mountain Lion.

Mountain Lion includes a new feature called Gatekeeper that by default will let users install only software downloaded from the Mac App Store -- the Apple-curated market that debuted in January 2011 -- or signed with certificates Apple provides free-of-charge to registered developers.

Gatekeeper is Apple's reaction to last year's spread of the Mac Defender malware, which was tucked into fake security software: Gatekeeper will prevent such "scareware" from ending up on Macs.

"Starting with Flash Player 11.3, Adobe has started signing releases for Mac OS X using an Apple Developer ID certificate," said Brad Arkin, Adobe's senior director of security, products and services, on a company blog today. "Therefore, if the Gatekeeper setting is set to 'Mac App Store and identified developers,' end-users will be able to install Flash Player without being blocked."

Because Flash is not distributed through Apple's desktop app market, if users set Gatekeeper to the most restrictive option -- "Mac App Store" -- they won't be able to install or update Flash Player.

Flash Player was upgraded Friday to version 11.3 for Windows and OS X, to 11.2 for Linux and to 11.1 for Android. As of 3 p.m. ET, Google had yet to update Chrome, which includes its own version of Flash, to gives its users the patched edition.

Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg's RSS feed . His email address is

See more by Gregg Keizer on

Copyright © 2012 IDG Communications, Inc.

1 2 Page 2
Page 2 of 2
Shop Tech Products at Amazon