Apple has issued a security notice stating that the company has blocked outdated versions of Adobe Flash in Safari due to vulnerabilities. The move to block outdated Flash Player plug-ins comes after Adobe released Flash Player version 18.104.22.168 to push a fix that removes a security vulnerability (CVE-2014-4671), which could be exploited by using a tool called Rosetta Flash.
If the version of Adobe Flash plug-in you are using is out of date, you may see the message, “Blocked plug-in,” or “Flash Security Alert” or “Flash out-of-date” when attempting to view Flash content in Safari.
According to Apple’s product security team, Apple blocked the Flash Player plug-in because outdated Adobe Flash versions are vulnerable to the Rosetta Flash attack scenario, which could expose a victims sensitive data:
Due to security issues in older versions, Apple has updated the web plug-in blocking mechanism to disable all versions prior to Flash Player 14.0.0145 and 22.214.171.124.
Mac, Windows and Linux users can find additional security information about the Adobe Flash Player 126.96.36.199 update here.