Apple patches Safari, blocks outdated Flash Player

10.05.2012
Apple on Wednesday patched four security vulnerabilities in Safari and blocked outdated versions of Adobe's Flash Player from running in its browser.

The Flash blocking move was similar to one Apple made last month when it stopped the Java plug-in from launching automatically.

Safari 5.1.7, which runs on OS X 10.6 and 10.7 -- Snow Leopard and Lion, respectively -- as well as on Windows XP, Vista and Windows 7, was released alongside another update for Lion that included a slightly-older version of the browser. Lion users must download and install both updates to push Safari to version 5.1.7.

The four security flaws fixed were the same ones patched Tuesday in for the iPhone, iPad and iPod Touch. All were labeled as bugs in WebKit, the open-source rendering engine that powers Safari as well as Google's Chrome.

In fact, one of the vulnerabilities was first revealed by a researcher at the Google hosted last March. The researcher, Sergey Glazunov, was for pairing the flaw with another bug to bring down Chrome.

Glazunov was credited by Apple with reporting a second WebKit vulnerability, while another was attributed to a pair of engineers on the Chrome security team.