Snow Leopard Attack? Adobe Flash Flaw Ships with OS

Apple customers upgrading to Snow Leopard could be vulnerable to Adobe Flash attacks, security firm Spohos warns. If you updated to Snow Leopard this week, your Mac could be at risk, as the new operating system downgrades your Adobe Flash installation, the firm said.

Apple’s new Snow Leopard operating system introduced a new anti-malware feature, in order to keep your computer virus-proof, but Apple overlooked the security risks from having an older version of Adobe Flash, says Sophos, a company specialized in security.

The latest version of Flash Player for Mac is 10.0.32.18, but Snow Leopard ignores if you kept Adobe Flash up to date on your computer, and downgrades it to an earlier version, Sophos says in a blog post. Without your knowledge, Snow Leopard installs an earlier version of Flash (10.0.23.1), which the security firm says it known not to be secure and is not patched against various security vulnerabilities.

Sophos advises Mac users to check whether they have the latest version of Adobe Flash on their computer, by visiting this Adobe page. Following a Snow Leopard upgrade this weekend, I can also confirm that my Adobe Flash player version has been downgraded to 10.0.23.1, as per the screenshot above.

Several potential attacks and exploits have been targeted at Flash player in recent months which Adobe says could cause the application to crash and could potentially allow an attacker to take control of the affected system. Adobe is now aware of the Snow Leopard downgrade and advises users on their blog to update to the latest version too. You can update to the latest version of Adobe Flash Player from this page.

Apple did not respond to a comment request by the time of publishing.