Apple’s Mac OS X 10.6 reportedly downgrades users’ Flash to a buggy version of the player

Sep 3, 2009 07:02 GMT

Renowned security firm Sophos has discovered that Apple is downgrading Mac OS X 10.6 users to an old version of Adobe Flash Player (10.0.23.1) that, according to the company, is vulnerable to attacks.

"Mac users are not informed that Snow Leopard has downgraded their version of Flash without permission and that they are now exposed to a raft of potential attacks and exploits [that have targeted] Adobe's software in recent months," Graham Cluley, senior technology consultant at Sophos, wrote. "Adobe is the 'new Microsoft' when it comes to security vulnerabilities, with hackers targeting their software looking for vulnerabilities to exploit," Cluley added in his blog post.

"If you're not sure which version of Adobe Flash you have on your computer (whatever operating system you use), take 30 seconds to visit their Website," he shared. "Adobe will not only tell you what version of Flash you are running, they will also tell you what version you should be running." According to Cluley, "Mac users [...] are now exposed to a raft of potential attacks and exploits which have been targeted on Adobe's software in recent months."

Sophos' Chester Wisniewski also wrote a blog post about other security issues plaguing Snow Leopard, claiming that Apple could have improved it, but didn’t. Apple has yet to respond to requests for comment on the matter, according to eWeek.

Despite all this, the Mac maker touts its operating system as highly secure, even integrating anti-malware software that detects whether a user has downloaded a virus from the Internet. A screenshot, corroborated by Snow Leopard testers over at the MacRumors forums, showed the malware-check feature working on a file downloaded via Safari. Upon extracting the contents of the downloaded disk image, Snow Leopard detected a version of the RSPlug Trojan horse. Apple seems to be taking steps against malware, but not necessarily in all the right directions.