Flash Support Killed in QuickTime 7.3.1 Update
The typical user likely has no idea that Flash is even supported in QuickTime. But VJ apps like ArKaos VJ and other applications (like Max/MSP/Jitter patches that use this support) rely on QuickTime to support Flash. Unfortunately, as of Leopard — or any Mac updated to QuickTime 7.3.1 — that support is gone, and will most likely never return.
What’s the reason? Security:
Multiple vulnerabilities exist in QuickTime’s Flash media handler, the most serious of which may lead to arbitrary code execution. With this update, the Flash media handler in QuickTime is disabled except for a limited number of existing QuickTime movies that are known to be safe. Credit to Tom Ferris of Adobe Secure Software Engineering Team (ASSET), Mike Price of McAfee Avert Labs, and security researchers Lionel d’Hauenens & Brian Mariani of Syseclabs for reporting this issue.
About the security content of QuickTime 7.3.1 (thanks to n0s10pm for the tip!)
In case this isn’t clear, this impacts only embedded Flash files within QuickTime, not Flash itself. But because some apps use QuickTime as a way of hooking in support for Flash animations, that’s a big deal — at least for someone. Windows users are impacted, too; this covers both platforms, though at least Windows users have the option of using Flash integration features available only on that OS.
Now, admittedly, the small niche pushing the limits of QuickTime and digital visuals is dwarfed by the potentially-enormous crowd who could be impacted by this vulnerability. But there’s clearly a philosophical problem here we’ve seen before: instead of fixing the vulnerability and providing a replacement, the entire idea is axed. Necessary? Perhaps, but I would love to see Adobe address ways of more easily integrating Flash technology with other applications. As the Flash/Flex platform grows, the potential here could be wide enough to justify the effort, especially as applications (not just VJ apps) add rich client features.
And in the meantime, if you use a tool that uses this support, you may want to hunt down an old installer or hold off upgrading. (Reverting to older versions is, unfortunately, really hard — you have to completely uninstall QuickTime, and you’ll only have luck if you’re on Tiger or earlier as far as I know.)




We already knew that Leopard would be a major new OS release for Apple in the visual sense with Core Animation, much as Tiger was with Quartz Composer, Core Video, and Core Image. We should know a lot more at Apple’s developer conference in June. There are some additional details in Apple’s latest WWDC announcement, under 
Linux is looking better and better as a fully open-source, multimedia-optimized operating system for visualists. Adobe has announced the availability of Flash Player for Linux. The bad news is, it’s x86 only, and as expected, there may be some issues. But the good news is, it’s here, and early reports indicate it works. Even as a regular Mac and Windows user, I can see building a cheap PC box for an installation and saving the cash I’d normally have to spend on a Windows license. Download Squad has some good commentary and links. If you’re on Linux, just go grab the player the normal way, and you’ll get a Linux option (neat!)





