Google Silently Patches Flash Vulnerability in Chrome Before Adobe!

A recent vulnerability in Adobe’s Flash Player was discovered, to which Adobe replied that a patch would be available within a week. This bug works when you open an Excel file that contains an embedded malicious Flash file (Office 2010 is not affected). However, Google Chrome users can rest easy because their flash player has already been patched. Here’s why.

First, ‘Silent Updating’. Google Chrome runs a small process in the background at all times checking for updates from Google and silently installing them for use upon the next restart of Chrome. By default, you can only tell that Chrome has updated by looking at the ‘About Google Chrome’ window and comparing the versions. Second, Chrome uses its own Flash Player. Unlike other browsers, which use the Flash Player that is installed as a plugin, Chrome uses its own Flash Player that is built in. Google even gets beta and pre-release versions of the Flash Player, and includes an unreleased version in this case.

Due to reported problems with Flash, Apple quit shipping Flash on the Mac last October. After Chrome 10 extended sandboxing to the integrated Flash Player (it runs as a process separate from the tabs and windows), Chrome is the safest way to use the Flash plugin. In fact, it is relatively easy for Mac users to go Flash-free and use Chrome to play Flash games or video Google Silently Patches Flash Vulnerability in Chrome Before Adobe!(which is what Daring Fireball suggests doing).

Subscribe to our RSS Feed and keep following us on Twitter, Facebook and YouTube for all the latest news, updates and more.

About the Author

I am a technology enthusiast who's first major computer experience was with hacking the Sony PSP. I am an Apple Dev, and I'm currently studying Computer Programming and 3D Animation.

2 comments

Leave a comment