Java Web Start is an Oracle technology that lets users single-click launch a Java app from within a browser without first downloading the app to the machine.Īnd Apple wasn't the only browser maker to recently block Adobe software. "As a security hardening measure, the Java browser plug-in and Java Web Start are deactivated if they are unused for 35 days," Apple said at the time. Apple took the step because of Flashback, a malware family that used a Java vulnerability to infect hundreds of thousands of Macs in a spree that still continues. Neither Windows Vista or Windows 7 included a preinstalled version of Adobe's software.īlocking Flash was the second such move by Apple in a month: On April 12, the company issued an OS X update that disabled automatic execution of Java applets by the Java browser plug-in. Microsoft last distributed Flash with the nearly-11-year-old Windows XP. "This update presents the option to install an updated version of Flash Player from the Adobe website."Īpple stopped bundling Flash Player with OS X in the fall of 2010, but users have been free to download and install the plug-in on their own. "This update disables Adobe Flash Player if it is older than 10.1.102.64 by moving its files to a new directory," Apple's advisory stated Wednesday. It has also continued to maintain the older version 10, which now stands at version 10.3.183.19. Since then, Adobe has shipped Flash Player 11 for the Mac. Glazunov was credited by Apple with reporting a second WebKit vulnerability, while another was attributed to a pair of engineers on the Chrome security team.Īlong with the four patches, Apple also yanked Adobe's Flash Player from Safari if the plug-in was older than version 10.1.102.64, which released in November 2010. The researcher, Sergey Glazunov, was awarded $60,000 for pairing the flaw with another bug to bring down Chrome. In fact, one of the vulnerabilities was first revealed by a researcher at the "Pwnium" hacking contest Google hosted last March. All were labeled as bugs in WebKit, the open-source rendering engine that powers Safari as well as Google's Chrome. The four security flaws fixed were the same ones patched Tuesday in iOS 5.1.1 for the iPhone, iPad and iPod Touch.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |