Snow Leopard Downgrades Your Flash Plugins, Security Company Warns


Now here’s something unexpected. Sophos security consultant Graham Cluley has a warning for everyone who’s just upgraded their computer to run Snow Leopard: go check your Flash plugin version as soon as possible, because you might find that your OS upgrade simultaneously downgraded your plugin. (Assuming your plugin was up-to-date to begin with; full explanation in the video above.)

You can check your plugin version at this page on Adobe’s site.
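Adobe's version page tells you what the browser is running; for a local check, here is an added example (not from the article or from Sophos) in POSIX shell that reads the installed plugin's version from its Info.plist and compares it numerically against the version you know you had before the upgrade, so a silent rollback is reported as a downgrade. The plugin path and the CFBundleShortVersionString key are the usual macOS locations but are assumptions of this script, not taken from the article; the version numbers in the usage line are constructed examples.

```shell
#!/bin/sh
# Added example, not from the article: detect a Flash plugin that an OS
# upgrade rolled back. Path and plist key are assumed (standard macOS
# locations), not taken from the article.
FLASH_PLIST="${FLASH_PLIST:-/Library/Internet Plug-Ins/Flash Player.plugin/Contents/Info.plist}"

# Pull CFBundleShortVersionString out of an XML Info.plist with awk, so the
# check does not depend on macOS-only tools such as defaults(1).
plist_version() {
    awk '/<key>CFBundleShortVersionString<\/key>/ { grab = 1 }
         grab && match($0, /<string>[^<]*<\/string>/) {
             print substr($0, RSTART + 8, RLENGTH - 17); exit }' "$1"
}

# Compare dotted versions field by field, printing -1, 0 or 1 for a<b, a=b,
# a>b. A plain string compare gets this wrong: "10.0.32.18" sorts before
# "10.0.9" lexically, so a downgrade could be reported as an upgrade.
version_cmp() {
    a=$1; b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        fa=${a%%.*}; fb=${b%%.*}
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
        [ "${fa:-0}" -lt "${fb:-0}" ] && { printf '%s\n' -1; return 0; }
        [ "${fa:-0}" -gt "${fb:-0}" ] && { printf '%s\n' 1; return 0; }
    done
    printf '%s\n' 0
}

# Report whether the installed plugin is at least the version you had before
# the upgrade. Returns 0 when fine, 1 on a downgrade, 2 if no plugin is found.
check_flash() {
    plist=$1; expected=$2
    [ -f "$plist" ] || { echo "no Flash plugin found at $plist"; return 2; }
    installed=$(plist_version "$plist")
    if [ "$(version_cmp "$installed" "$expected")" = "-1" ]; then
        echo "DOWNGRADED: installed $installed is older than $expected"
        return 1
    fi
    echo "ok: installed $installed, expected at least $expected"
}

# Usage: sh check_flash.sh 10.0.32.18   (the version you had before upgrading;
# constructed example value)
if [ $# -gt 0 ]; then
    check_flash "$FLASH_PLIST" "$1"
fi
```

Record the version before any OS upgrade and run the check afterwards; a non-zero exit is the signal to reinstall from Adobe before visiting Flash content you do not control.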

While the Vimeo Flash video player Graham’s using is not going to cause any harm to your computer, you can’t be certain that Flash content elsewhere on the web will be as safe.

How so? I called Graham this morning and asked him.

Graham Cluley: “Adobe has been urging users to keep themselves up-to-date, and what’s most frustrating about the Snow Leopard upgrade is that I had been diligent, I’d been doing the right thing. But I was downgraded in the background. And most people, even if they had been diligent in the past, simply wouldn’t think to check for that sort of thing.”

Cult of Mac: “Most people understand the concept of a virus arriving by email, but malicious Flash isn’t so well known. How might malicious Flash code work?”

Graham Cluley: “Most likely, there would be malicious code that exploits vulnerabilities in Flash to run things on your computer without your permission.

“In a typical attack the bad guys will deliberately craft a malicious Flash animation that will cause a buffer overflow, which in turn will run some shell code. That exploit code can then redirect you to a third party website, but it’s perfectly possible for the attack to be completely contained inside the Flash file.”

Cult of Mac: “Do you have any documented cases where this kind of attack has been made against Macs?”

Graham Cluley: “Unfortunately we don’t – we don’t have any links between Flash exploits and Mac users specifically being hit. Now that may partly be a consequence of Sophos focusing on the business market, and not having a consumer product, so we may have less visibility on this as home users are not likely to contact us.

“However, if you Google for Mac Flash Exploit you’ll find plenty of news reports of past vulnerabilities that could affect Mac users.”
