Adobe has released version 11.3 of its Flash plug-in, which in addition to addressing a few security holes and offering improved input management and sound performance, includes a background-updating feature. This feature debuted for Windows systems in Flash 11.2, but this latest update has implemented it on the Mac.
Adobe Flash Player's popularity makes it a target for malware developers, who not only attempt to exploit its code, but also mask their distributions as fake Flash Player installations. As a result, many people have come to distrust update announcements and recommendations for Flash, even when they have been legitimate.
To tackle this and work to keep most people keep up-to-date with Flash, Adobe has implemented this new background-updating feature. When you download and install Flash 11.3, the installer will offer you to have Flash automatically update, only notify you of available updates, or never check for updates. If you choose the option to updates automatically, Flash will check for updates on a daily basis and install them in the background. The update behavior options can be changed in the Flash Player system preferences pane.
The automatic updating works by using a launch daemon called "com.adobe.fpsaud.plist" located in the /Library/LaunchDaemons/ folder. This causes the system launcher (launchd) to open a small program called "fpsaud" (likely standing for Flash Player Silent Auto Updater) which is located within the Adobe Flash install manager utility. When fpsaud opens it will check the current version and the available version for the presence of an updated Flash player version, and will then install it if needed. The installation of the new version is silent, so users will not be prompted to download, and will instead be automatically updated to the latest version.
While this update scheme is beneficial, it might at first glance appear alarming to some people who have researched Flashback and other recent malware attacks on OS X, where malicious programs have used similarly named launch agent files that have targeted small updaters and installers in similar ways. Therefore, if you suspect a computer may be affected by malware and are investigating the system's various LaunchAgents and LaunchDaemons folders, if you see the presence of the "com.adobe.fpsaud.plist" file that targets the "fpsaud" program then do not be alarmed.
This move by Adobe is a great step toward securing Mac users from known vulnerabilities in Flash, and will ensure that users will always be running the latest versions. This feature comes soon after Apple's release of Safari 5.1.7, which automatically disables older versions of Flash when new ones become available. Therefore, Mac users who have the latest versions of both Safari and Flash on their systems should have two ways to stay up-to-date.
You can download the Flash 11.3 update from the Adobe Flash Web page.