Monday, March 21, 2011

Google’s silent updating in action: Chrome squashes nasty Flash Player bug ahead of Adobe

When a critical Flash Player vulnerability was discovered being used in the wild last week, Adobe posted an advisory and promised an update within a week. The exploitable software flaw lets attackers take control of your system after opening an Excel spreadsheet with an embedded malicious Flash file (Office 2010 is said to feature safety countermeasures that prevent harmful code execution).

This undoubtedly nasty bug that affected the whole web and not just the parts of it needed a quick fix. It comes as a surprise that Google has managed to beat Adobe to the update punch by squashing the bug with a Chrome update while Adobe preps to issue the fix this week. How’s that possible?

For starters, Google and Adobe have an ongoing relationship that gives the search monster access to early Flash Player builds. In this case, a yet-to-be-released Flash Player build comes integrated with the latest Chrome update. Folks who run Flash Player plug-in for other browsers are left in the cold.

Second, Chrome takes silent updating to extremes. A Google process runs in the background on your computer, awaiting notification from the update server. When an update goes live, the process downloads files and updates your browser. This happens silently and the installation completes the next time Chrome restarts. You don’t even realize it unless you check out the version number by choosing About Google Chrome under the wrench menu.

Apple stopped preloading Flash Player on Macs last October. The Flash plug-in is often blamed for crashes, poor performance and its resource intensiveness. Daring Fireball cautions people to uninstall Flash from their Mac and instead use Chrome for online Flash videos, games and other content. It’s a sound advice. After all, the recently released Chrome 10 did extend sandboxing technology to the integrated Flash Player. As a result, the plug-in runs as a separate process isolated from other tabs, the rest of the browser and a host operating system.

Related Stories on 9to5 Mac
Adobe ships Flash Player 10, AIR 2.0 betas, will iPhone smile?
Adobe currently testing optimized Flash Player for new MacBook Air
Google Chrome for Mac (beta) available now
Adobe slams Snow Leopard Flash Player security patch
Google officially enters the OS Wars with Chrome OS

*thanks 9to5Mac*

Our new Forum is now open here or on the top tabs marks Forums, please register and post..

For the latest limera1n, rubyra1n, and all tech stories, follow us on Twitter at
@iphonepixelpost or @limerain_com
- Posted using my iPhone 4

No comments:

Post a Comment