|
MS-DEFCON 3:
Patch reliability is unclear, but widespread attacks make patching prudent. Go ahead and patch, but watch out for potential problems.
|
-
1000002: Links to Flash update resources
Posted on Comment on the AskWoody LoungeThis topic contains 77 replies, has 18 voices, and was last updated by
Kirsty 2 days, 1 hour ago.-
AKB1000002: Links to Flash update resources
By @kirsty
Published 3 Feb 2017: rev 1.2
Links for Offline Installers from Adobe:
For Firefox: npapi.exe
For Chrome/Opera: ppapi.exe
For Internet Explorer (ActiveX): ax.exe
Link for Online Updater from Adobe: get.adobe.comAdobe Release Notes for Flash Player
Adobe Latest Version for Flash Player
Check your Flash version
Websearch Adobe Flash issues
Flash Uninstaller
Flash & The Future of Interactive Content (Abode, July 25, 2017)
-
-
Woody,
The link you provided to, Check your Flash version, https://helpx.adobe.com/flash-player.html is actually a help page that shows how to, “Install Flash Player in five easy steps” along with a link you can click to, “Check if Flash Player is installed on your computer”. In my case the link shows that I have version 24.0.0, but it doesn’t show if its version, 24.0.0.168, or version 24.0.0.194
The About Adobe Flash page found at https://www.adobe.com/software/flash/about/ might be more useful. When the page opens, it automatically indicates which version of flash player is installed which in my case is version 24.0.0.194. Below the version box there’s a table that indicates the most recent version for each platform and each browser.
If the flash player does need to be updated, there is a “Player Download Center” link just above the table that will take you directly to the update page for the platform and browser that you are using to view the article. To check for flash player updates for other platforms and browsers just open, https://www.adobe.com/software/flash/about/ from that browser, and use the same “Player Download Center” link to update it.
-
-
Good you have confirmed you are up to date, and that it worked for you.
🙂
-
-
Thanks for your input.
https://www.adobe.com/software/flash/about/ is the link under “Adobe Latest Version for Flash Player”.
-
-
anonymousFyi, the free Avast antivirus program(for home users) has an optional Software Updater scanner/tool(installed by default) which can update the Adobe Flash Player for both the Firefox n IE browsers, besides updating other programs, eg 7-Zip, Java Runtime, VLC, etc.
1 user thanked author for this post.
-
Permalink for the latest Flash Player Uninstaller: http://download.macromedia.com/get/flashplayer/current/support/uninstall_flash_player.exe.
Useful prior to switching between major versions and when troubleshooting bugs/crashes, or when flushing out old or multiple versions etc.
4 users thanked author for this post.
-
-
Not quite manual. Go inside the Chrome URL Bar and type “chrome://components”. This takes you to the internal Chrome Components Updates page. Scroll down to Flash Player, and hit its Update button. If there’s an available update, this will update just the Flash Player, not the browser itself.
Chrome went over to Component Updating around Chrome 50.While these updates should fire off automatically, sometimes they fail to do so. Also, the Main Branch (Chromexxx.m) gets the updates later than the Dev (Canary) Branch or the Beta Branch. I run Chrome Beta for this reason.
For Edge and IE, use the wushowhide trick to block any unwanted MS Updates, and just run MS Updates for Flash Player and if available, Microsoft Malicious Software Removal Tool. Save the CU’s for the end of the month.
-- rc primak
1 user thanked author for this post.
-
-
anonymousI believe the online Adobe Flash Player Settings Manager also has a few options that are only accessible at http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager03.html also.
1 user thanked author for this post.
-
anonymous-
This may be what you are referring to:
-
-
anonymous -
anonymous -
Latest Version: 25.0.0.127
Offline Installers are available online (see bottom of linked page for relevant version).Adobe Security Bulletin: 14 March 2017
1 user thanked author for this post.
-
Latest Version 25.0.0.148
Adobe Security Bulletin: 11 April 2017Offline Installers are available online (see bottom of linked page for relevant version).
Online installer link: https://get.adobe.com/flashplayer/
-
-
-
-
A link in the security bulletin I posted today leads you to:
https://technet.microsoft.com/en-us/library/security/MS17-023You should find the necessary links you seek there.
Executive Summary
This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, Windows 10, and Windows Server 2016.
This security update is rated Critical. The update addresses the vulnerabilities in Adobe Flash Player by updating the affected Adobe Flash libraries contained within Internet Explorer 10, Internet Explorer 11, and Microsoft Edge. For more information, see the Affected Software section.
For more information about this update, see Microsoft Knowledge Base Article 4014329.
1 user thanked author for this post.
-
-
-
-
Latest Version 25.0.0.171
Adobe Security Bulletin: May 9, 2017Adobe Offline Installers are available online (see bottom of linked page for relevant version).
Adobe Online installer link: https://get.adobe.com/flashplayer/
MS Windows Support link: KB4020821
-
-
There is a huge shift away from it, and if you can manage without it, that’s good.
However, if you do require it, it needs to be kept up to date. If possible, have it set to “ask first” before it activates.
2 users thanked author for this post.
-
-
Latest Version:
26.0.0.126 (Desktop Runtime & Google Chrome) &
26.0.0.120 (IE11 & Edge on Win 8.1, 10)
Adobe Security Bulletin: June 13, 2017Adobe Offline Installers are available online (see bottom of linked page for relevant version)
Adobe Online installer link: https://get.adobe.com/flashplayer/
MS Security Advisory: ADV170007
-
anonymous-
According to the release notes, this is a bug fix, not a security update 🙂
June 16, 2017
In today’s release, we’ve updated Flash Player to address a bug that was impacting some Flash content. If you are having problems interacting with mouse button presses or drag and drop actions, we recommend you update to today’s release.June 13, 2017
In today’s scheduled release, we’ve updated Flash Player and AIR with important bug fixes, security updates, and new features.
-
From Michael Horowitz on computerworld.com:
Flash Player Updated just 3 days after an update
Jun 18, 2017The latest version is now 26.0.0.131, except, of course, with Microsoft’s browsers.
The version used by the Edge browser was not updated and it remains at 26.0.0.120. The situation with Internet Explorer is so poorly explained, I can’t even guess.
According to Adobe, “Internet Explorer – ActiveX” should be using the new version 26.0.0.131 while “Internet Explorer (embedded – Windows 8.1) – ActiveX” should be using the older version 26.0.0.120. Someone at Adobe likes puzzles.
Chrome on Windows should be using the latest version, but I have found that the browser frequently reports itself as being up to date, even when the Flash Player is not. To force Chrome to update Flash, see my blog from February: How to immediately update Flash in Chrome.
Read the full article here
1 user thanked author for this post.
-
-
-
The July critical updates to Adobe Flash Player for all browsers have now gone live. Here are the direct download links for version 26.0.0.137; right-click on a link and select “Save Link As…”:
Flash Player for Firefox 26.0.0.137 – NPAPI | 19.6 MB
Flash Player for Internet Explorer 26.0.0.137 – ActiveX | 19.1 MB
Flash Player for Opera and Chromium-based browsers 26.0.0.137 – PPAPI | 19.6 MB
For a clean installation, existing versions must first be uninstalled: Adobe Flash Player Uninstaller 26.0.0.137 | 1.22 MB
(Adobe Flash Player for IE and Edge in Win 8, 8.1 and 10 will be available through Windows Update sometime after 10 AM (PT) Tuesday, 11 July 2017.)
-
Latest Version:
26.0.0.151 (Desktop Runtime & Google Chrome) & (IE11 & Edge on Win 8.1, 10)
Adobe Security Bulletin: August 8, 2017Adobe Offline Installers are available online (see bottom of linked page for relevant version)
Adobe Online installer link: https://get.adobe.com/flashplayer/
MS Security Advisory: ADV170009
1 user thanked author for this post.
-
-
Yes, Win7 only. Flash is provided for IE11 by MS for Win8.1 and Win10.
1 user thanked author for this post.
-
-
From Kaspersky Lab’s threatpost.com:
Patched Flash Player Sandbox Escape Leaked Windows Credentials
by Michael Mimoso | August 10, 2017
One of the patches included in Tuesday’s Adobe Flash Player update was a do-over after the researcher who privately reported the problem earlier this year discovered the original patch incompletely resolved the issue.Dutch researcher Bjorn Ruytenberg disclosed details after Adobe updated the soon-to-be deprecated Flash Player on Tuesday to version 26. Flash Player 23, released close to a year ago, closed off a local sandbox escape, but Ruytenberg found the update failed to address the vulnerability locally if networking was enabled, or remotely.
Read the full article here
1 user thanked author for this post.
-
Further, from bleepingcomputer.com:
Recently Patched Flash Bug Can Leak Windows Credentials
By Catalin Cimpanu | August 11, 2017
Earlier this week, Adobe patched a vulnerability in Flash Player that allows an attacker to use malicious Flash files to leak Windows credentials.The security issue is tracked under the CVE-2017-3085 identifier and affects Flash Player versions from 23.0.0.162 up to 26.0.0.137, running on Windows XP, Vista, 7, 8.x, and 10.
Read the full article here
1 user thanked author for this post.
-
-
-
This is the US-Cert Alert related to Woody’s blogpost Adobe Flash player security update is out (October 16th):
Adobe Releases Security Updates
https://www.us-cert.gov/ncas/current-activity/2017/10/16/Adobe-Releases-Security-UpdatesOriginal release date: October 16, 2017
Adobe has released security updates to address a vulnerability in Adobe Flash Player. A remote attacker could exploit this vulnerability to take control of an affected system.US-CERT encourages users and administrators to review Adobe Security Bulletin APSB17-32 (link is external) and apply the necessary updates.
1 user thanked author for this post.
-
Another update for Adobe Flash Player, is for functionality NOT security reasons:
Release Notes for Flash Player 27 and AIR 27
Welcome to the Flash Player and AIR 27 release notes!
October 25, 2017
In today’s release, we’ve updated Flash Player with an important functional fix impacting Flex content and recommend those users impacted update.Thanks to @ajnorth for the permalinks to the current updates, in addition to the permalinks at the top of this topic:
NPAPI: https://fpdownload.macromedia.com/pub/flashplayer/latest/help/install_flash_player.exe
AX: https://fpdownload.macromedia.com/pub/flashplayer/latest/help/install_flash_player_ax.exe
PPAPI: https://fpdownload.macromedia.com/pub/flashplayer/latest/help/install_flash_player_ppapi.exe
Uninstaller: http://download.macromedia.com/get/flashplayer/current/support/uninstall_flash_player.exe
-
Get the newest Flash 27 updates here (ActiveX for XP/Vista/Win7) (NPAPI) (PPAPI)
Adobe has silently updated this packages to 27.0.0.183 as I’ve just downloaded these updates myself today.The Adobe Flash Player “about” versions page now mentions v27.0.0.183:
http://get.adobe.com/flashplayer/about/According to Release Notes, no changes since Oct. 25th, but according to the About Flash page, updates have been issued for other than Win8.1 & Win10 (links to both pages above)
-
-
Adobe Releases Security Updates
https://www.us-cert.gov/ncas/current-activity/2017/11/14/Adobe-Releases-Security-UpdatesOriginal release date: November 14, 2017
Adobe has released security updates to address vulnerabilities in Flash Player, Photoshop CC, Adobe Connect, DNG Converter, InDesign, Digital Editions, Shockwave Player, and Experience Manager. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.US-CERT encourages users and administrators to review Adobe Security Bulletins APSB17-33, APSB17-34, APSB17-35, APSB17-37, APSB17-38, APSB17-39, APSB17-40, and APSB17-41, and apply the necessary updates.
-
Adobe Security Bulletin
https://helpx.adobe.com/security/products/flash-player/apsb17-42.html
Security updates available for Flash Player | APSB17-42
Last Published: December 13, 2017Bulletin ID: APSB17-42
Date Published: December 12, 2017
Priority: 2Summary
Adobe has released a security update for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. This update addresses a regression that could lead to the unintended reset of the global settings preference file.Affected Product Versions : 27.0.0.187
Solution: 28.0.0.126(No US-Cert post found yet)
1 user thanked author for this post.
-
anonymous-
Depending on the browser you are using, the links above may apply.
-
-
Adobe Security Bulletin
https://helpx.adobe.com/security/products/flash-player/apsb18-01.htmlSecurity updates available for Flash Player | APSB18-01
Bulletin ID: APSB18-01
Date Published: January 9, 2018
Priority: 2
Summary:
Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. These updates address an important out-of-bounds read vulnerability that could lead to information exposure.Affected Product Versions: 28.0.0.126
Solution: 28.0.0.137
-
Security updates available for Flash Player | APSB18-03
https://helpx.adobe.com/security/products/flash-player/apsb18-03.htmlBulletin ID: APSB18-03
Date Published: February 6, 2018
Priority: 1
Summary:
Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. These updates address critical vulnerabilities that could lead to remote code execution in Adobe Flash Player 28.0.0.137 and earlier versions. Successful exploitation could potentially allow an attacker to take control of the affected system.Adobe is aware of a report that an exploit for CVE-2018-4878 exists in the wild, and is being used in limited, targeted attacks against Windows users. These attacks leverage Office documents with embedded malicious Flash content distributed via email.
Affected Product Versions: 28.0.0.137
Solution: 28.0.0.161
-
Adobe AIR has been updated to version 29.0.0.112 – https://get.adobe.com/air/
Adobe Flash Player has been updated to version 29.0.0.113. Executables for manual installation (Right-click; select Save Link As):Flash Player for Firefox 29.0.0.113 – NPAPI
Flash Player for Internet Explorer 29.0.0.113 – ActiveX
Flash Player for Opera and Chromium-based browsers 29.0.0.113 – PPAPI
-
Security updates available for Flash Player | APSB18-16
https://helpx.adobe.com/security/products/flash-player/apsb18-16.htmlBulletin ID: APSB18-16
Date Published: May 8, 2018
Priority: 2Summary:
Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. These updates address critical vulnerabilities in Adobe Flash Player 29.0.0.140 and earlier versions. Successful exploitation could lead to arbitrary code execution in the context of the current user.Affected Product Versions: 29.0.0.140 and earlier versions
Solution: 29.0.0.171Find links above for updates
Security bulletins were also issued for Creative Cloud Desktop Application (Priority 2) & Adobe Connect (Priority 2)
2 users thanked author for this post.
-
Adobe Security Bulletin:
Security updates available for Flash Player | APSB18-19
https://helpx.adobe.com/security/products/flash-player/apsb18-19.htmlBulletin ID: APSB18-19
Date Published: June 7, 2018
Priority: 1Summary:
Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address critical vulnerabilities in Adobe Flash Player 29.0.0.171 and earlier versions. Successful exploitation could lead to arbitrary code execution in the context of the current user.Adobe is aware of a report that an exploit for CVE-2018-5002 exists in the wild, and is being used in limited, targeted attacks against Windows users. These attacks leverage Office documents with embedded malicious Flash Player content distributed via email.
Affected Product Versions: 29.0.0.171 and earlier versions
Solution: 30.0.0.113
Find links above for updates for browser versionsSee also, on Code Red: Adobe Flash Zero Day Patch
-
Find links above for updates for browser versions
… or, for the 47% running Windows 8.1/10, find them here:
2018-06 Security Update for Adobe Flash Player for Windows 8.1/10
Knuckle draggerCannon fodderChumpDaft gluttonIdiotSuckerMore intrepidCrazy/ignorantToxic drinkerSaluted blockhead"Unwashed mass" (Group ASAP) Win10 v.19031 user thanked author for this post.
-
I am aware of people successfully loading the appropriate browser updates for Flash, in Win10 machines (they are using non-MS browsers, as far as I know).
-
… or, for the 47% running Windows 8.1/10, find them here: 2018-06 Security Update for Adobe Flash Player for Windows 8.1/10
As far as I know, that will only help you if you only want to update Flash in IE and Edge. If you’re one of the 84% who doesn’t use MS browsers, you’ll still have to get the updates from Adobe.
Group "L" (KDE Neon User Edition 5.15.5 & Kubuntu 18.04).
1 user thanked author for this post.
-
-
-
-
Adobe Security Bulletin:
Security updates available for Flash Player | APSB18-24
https://helpx.adobe.com/security/products/flash-player/apsb18-24.htmlBulletin ID: APSB18-24
Date Published: July 10, 2018
Priority: 2
Summary:
Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address critical vulnerabilities in Adobe Flash Player 30.0.0.113 and earlier versions. Successful exploitation could lead to arbitrary code execution in the context of the current user.Affected Product Versions: 30.0.0.113 and earlier versions
Solution: 30.0.0.134
Find links above for updates for browser versions
KB 4338832 for Win8.1/10 offline installer (prerequisite noted: KB 4132216 SSU)
-
Adobe Security Bulletin:
Security updates available for Flash Player | APSB18-25
https://helpx.adobe.com/security/products/flash-player/apsb18-25.htmlBulletin ID: APSB18-25
Date Published: August 14, 2018
Priority: 2
Summary:
Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address important vulnerabilities in Adobe Flash Player 30.0.0.134 and earlier versions. Successful exploitation could lead to arbitrary code execution in the context of the current user.Affected Product Versions: 30.0.0.134 and earlier versions
Solution: 30.0.0.154
Find links above for updates for browser versions
KB 4343902 for Win8.1/10 offline installer (prerequisite noted: KB 4132216 SSU)
-
Adobe Security Bulletin
Security updates available for Flash Player | APSB18-31
https://helpx.adobe.com/security/products/flash-player/apsb18-31.htmlBulletin ID: APSB18-31
Date Published: September 11, 2018
Priority: 2
Summary:
Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address an important vulnerability in Adobe Flash Player 30.0.0.154 and earlier versions. Successful exploitation could lead to information disclosure.Affected Product Versions: 30.0.0.154 and earlier versions
Solution: 31.0.0.108
Find links above for updates for browser versions
KB 4457146 for Win8.1/10 offline installer (same prerequisite as last month’s)
-
Adobe Security Bulletin
Security updates available for Flash Player | APSB18-39
https://helpx.adobe.com/security/products/flash-player/apsb18-39.htmlBulletin ID: APSB18-39
Date Published: Noveember 13, 2018
Priority: 2
Summary:
Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address an important vulnerability in Adobe Flash Player 31.0.0.122 and earlier versions. Successful exploitation could lead to information disclosure.Affected Product Versions: 31.0.0.122 and earlier versions
Solution: 31.0.0.148
Find links above for updates for browser versions
KB 4467694 for Win8.1/10 offline installer (prerequisities mentioned)
2 users thanked author for this post.
-
The Security Bulletin related to today’s blogpost: Out of band update for Adobe Flash Player Nov. 19, 2018
Adobe Security Bulletin
Security updates available for Flash Player | APSB18-44
https://helpx.adobe.com/security/products/flash-player/apsb18-44.htmlBulletin ID: APSB18-44
Date Published: November 20, 2018
Priority: 1 (except Linux – priority 3)
Summary:
Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address a critical vulnerability in Adobe Flash Player 31.0.0.148 and earlier versions. Successful exploitation could lead to arbitrary code execution in the context of the current user.Technical details about this vulnerability are publicly available.
Further details (& Microsoft Catalog link) are in the blogpost; links, as always, are above.
-
Adobe Security Bulletin
Security updates available for Flash Player | APSB18-42
https://helpx.adobe.com/security/products/flash-player/apsb18-42.htmlBulletin ID: APSB18-42
Date Published: December 05, 2018
Priority: 1 (except Linux – priority 3)
Summary:
Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address one critical vulnerability in Adobe Flash Player and one important vulnerability in Adobe Flash Player installer. Successful exploitation could lead to Arbitrary Code Execution and privilege escalation in the context of the current user respectively.Adobe is aware of reports that an exploit for CVE-2018-15982 exists in the wild.
Adobe Flash Player Affected Product Versions: 31.0.0.153 and earlier versions
Solution: 32.0.0.101Adobe Flash Player Installer Affected Product Versions: 31.0.0.108 and earlier (priority 2)
Solution: 31.0.0.122
Find links above for updates for browser versions
KB 4471331 for Win8.1/10 offline installer
(MS KB information)
-
Wow also ANOTHER out-of-band Adobe Flash update on WU and in the catalog for december 2018:
https://www.theregister.co.uk/2018/12/05/flash_zeroday_adobe/
********** Peng/Wins x86/x64 **********
1 user thanked author for this post.
-
-
This is NOT A SECURITY UPDATE (yes, confusing!)
Security updates available for Flash Player | APSB19-01
https://helpx.adobe.com/security/products/flash-player/apsb19-01.htmlBulletin ID: APSB19-01
Date Published: January 08, 2019
Priority: 3
Summary:
Adobe has released updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address feature and performance bugs, and do not include security fixes.
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV190001:Note: Please disregard mentions of security or vulnerability in this advisory. These are hardcoded titles that we were unable to change for this non-security Adobe Flash update.
❗
-
Adobe Security Bulletin
Security updates available for Flash Player | APSB19-06
https://helpx.adobe.com/security/products/flash-player/apsb19-06.htmlLast Published: February 13, 2019
Bulletin ID: APSB19-06
Date Published: February 12, 2019
Priority: 2Summary:
Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address one important vulnerability in Adobe Flash Player. Successful exploitation could lead to information disclosure in the context of the current user.
Affected Product Versions: 32.0.0.114 and earlierSolution: 32.0.0.142
Find links above for updates for browser versions
KB 4487038 for Win8.1/10 offline installer
(MS KB information)
Security Updates were also issued for Creative Cloud Desktop (Priority 3), as well as Acrobat/Reader
1 user thanked author for this post.
-
Adobe Security Bulletin
Security updates available for Flash Player | APSB19-19
https://helpx.adobe.com/security/products/flash-player/apsb19-19.htmlLast Published: April 10, 2019
Bulletin ID: APSB19-19
Date Published: April 9, 2019
Priority: 2
Summary:
Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address a critical and an important vulnerability in Adobe Flash Player. Successful exploitation could lead to arbitrary code execution in the context of the current user.Affected Product Versions: 32.0.0.156 and earlier
Solution: 32.0.0.171
Find links above for updates for browser versions
KB 4493478 for Win8.1/10 offline installer
(MS KB information)
-
Adobe Security Bulletin
Security updates available for Flash Player | APSB19-26
https://helpx.adobe.com/security/products/flash-player/apsb19-26.htmlLast Published: May 14, 2019
Bulletin ID: APSB19-26
Date Published: May 15, 2019
Priority: 2
Summary
Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address a critical vulnerability in Adobe Flash Player. Successful exploitation could lead to arbitrary code execution in the context of the current user.Affected Product Versions: 32.0.0.171 and earlier
Solution: 32.0.0.192
Find links above for updates for browser versions
KB 4497932 for Win8.1/10 offline installer
(MS KB information)
