The typical user likely has no idea that Flash is even supported in QuickTime. But VJ apps like ArKaos VJ and other applications (like Max/MSP/Jitter patches that use this support) rely on QuickTime to support Flash. Unfortunately, as of Leopard — or any Mac updated to QuickTime 7.3.1 — that support is gone, and will most likely never return.
What’s the reason? Security:
Multiple vulnerabilities exist in QuickTime’s Flash media handler, the most serious of which may lead to arbitrary code execution. With this update, the Flash media handler in QuickTime is disabled except for a limited number of existing QuickTime movies that are known to be safe. Credit to Tom Ferris of Adobe Secure Software Engineering Team (ASSET), Mike Price of McAfee Avert Labs, and security researchers Lionel d’Hauenens & Brian Mariani of Syseclabs for reporting this issue.
About the security content of QuickTime 7.3.1 (thanks to n0s10pm for the tip!)
In case this isn’t clear, this impacts only embedded Flash files within QuickTime, not Flash itself. But because some apps use QuickTime as a way of hooking in support for Flash animations, that’s a big deal — at least for someone. Windows users are impacted, too; this covers both platforms, though at least Windows users have the option of using Flash integration features available only on that OS.
Now, admittedly, the small niche pushing the limits of QuickTime and digital visuals is dwarfed by the potentially-enormous crowd who could be impacted by this vulnerability. But there’s clearly a philosophical problem here we’ve seen before: instead of fixing the vulnerability and providing a replacement, the entire idea is axed. Necessary? Perhaps, but I would love to see Adobe address ways of more easily integrating Flash technology with other applications. As the Flash/Flex platform grows, the potential here could be wide enough to justify the effort, especially as applications (not just VJ apps) add rich client features.
And in the meantime, if you use a tool that uses this support, you may want to hunt down an old installer or hold off upgrading. (Reverting to older versions is, unfortunately, really hard — you have to completely uninstall QuickTime, and you’ll only have luck if you’re on Tiger or earlier as far as I know.)