Apple's Snow Leopard downgrades Flash
Apple's Snow Leopard, Mac OS X 10.6, downgrades the Adobe Flash Player installed on systems being upgraded with the updated operating system. The Flash Player version distributed with Snow Leopard is 10.0.23.1. Although this is a later version number than the most recently reported vulnerable version, it was being distributed at the same time as the flawed version and most probably suffers the same critical security issues. Adobe have confirmed the issue exists and recommend that Snow Leopard users update their Flash Player as soon as possible, by visiting http://get.adobe.com/flashplayer/ and installing version 10.0.32.18. Users can check what version of Flash Player they have installed by going to Adobe's version check page.
During the development of Snow Leopard, and as far back as early July, beta versions were shipped which included Adobe Flash Player 10.0.23.1. Towards the end of July, a critical security vulnerability was discovered in Flash Player version 10.0.22.87, the generally available Flash Player version at the time. The Flash Player was updated on the last day of July, to version 10.0.32.18, but it appears either Adobe or Apple did not ensure that this update made it onto the "gold master" of Snow Leopard which, according to reports, was sent to manufacturing in mid August. This master was used to produce the Snow Leopard DVDs, which were made available in stores on August 28th. As a result, users who had updated the Flash Player on Mac OS X 10.5.8 at the start of August, and then upgraded to Snow Leopard will find that they are back to running a version which, although there are no specific security advisories for it, is most probably vulnerable to the same flaws as Flash Player 10.0.22.87.
- Flash Player Update and Snow Leopard, Adobe PSIRT advisory