OFFICIAL SECURITY BLOG

We’ve moved! You can now read the latest and greatest on Mac adware and malware at Malwarebytes.

Adobe Flash Player security update released

Published April 29th, 2014 at 6:12 AM EDT , modified April 29th, 2014 at 6:12 AM EDT

Adobe has released an update to their Adobe Flash Player software, which evidently had a vulnerability that was actively being exploited on Windows. There is no indication that this was being exploited on Mac OS X, but since the vulnerability was present in Flash for Mac OS X as well, all Mac users who have Adobe Flash Player installed should immediately update.

Note that the only legitimate place to download Flash is from get.adobe.com/flashplayer, or by using Flash’s automatic update feature. Never install Flash by clicking a pop-up on a website that tells you Flash is outdated and needs to be updated!

Tags: ,

9 Comments

  • Kate/bentkitty100 says:

    Does using Chrome protect you from this?

    • Thomas says:

      Chrome uses its own copy of Flash, and updates it automatically. So using Chrome would ensure you’ve got the update.

    • Al says:

      In my experience I rarely receive the Chrome update before the one from Adobe and there has never been a time that one needed to be updated and the other did not, but I may pay closer attention to these updates. So when you hear that there is a new update always check to see that you have it.

  • Darren Kehrer says:

    It seems like Adobe Flash Player is getting updated a lot. Yes it’s great that they are keeping it up to date, but seems like a weekly process at this poing.

  • Al says:

    There have been sixteen Flash Player 10, 11, 12 & 13 updates in the past twelve months so that’s every 3-1/4 weeks. I suspect you would find it has been at about that same level for several years now.

    Normally, Adobe would like to publish updates no more than once a month when they have new features or security fixes with no current threats. This update (along with maybe two or three others) was an “out-of-cycle” update because there was a known threat targeting a small group of Windows users. The last two updates have been such “Zero-Day” updates.

  • Darren Kehrer says:

    hmmm. Ok, maybe it just seems like a lot. Don’t get me wrong, I’m glad they are keeping up with security. Flash is much easier to update and control since they worked in a system preferences option to do so.

  • j. dimauro says:

    would you happen to know if this file is linked to a valid flash installer update–

    adobeflashplayerinstaller_12_ltrosxd_aaa_aih.dmg

    found one thread in an adobe forum–excerpt from question and response: “AdobeFlashPlayerInstaller_11au_ltrosxd_aaa_aih.dmg
    This is the Adobe (or Akamai) Install Helper application. It will download the real installer while running, but there are many problems associated with it. Best use the direct installer.”

    thank you~

    • Thomas says:

      Adobe does use names like that, but to be absolutely sure, only install Flash installers downloaded directly from Adobe’s web site: get.adobe.com/flashplayer

    • Al says:

      I agree with Thomas that it has a valid name for a previous version of the Flash Installer, however, it’s not the most recent and may not download the latest version that fixed a critical security vulnerability. You need to make sure you have v13.0.0.206 installed as of this date.

This post is more than 90 days old and has been locked. No further comments are allowed.