|
MS-DEFCON 1:
Current Microsoft patches are causing havoc. Don't patch.
|
-
1000002: Links to Flash update resources
Posted on Comment on the AskWoody LoungeThis topic contains 66 replies, has 17 voices, and was last updated by
Kirsty 1 week, 5 days ago.
-
AKB1000002: Links to Flash update resources
By @kirsty
Published 3 Feb 2017: rev 1.2
Links for Offline Installers from Adobe:
For Firefox: npapi.exe
For Chrome/Opera: ppapi.exe
For Internet Explorer (ActiveX): ax.exe
Link for Online Updater from Adobe: get.adobe.comAdobe Release Notes for Flash Player
Adobe Latest Version for Flash Player
Check your Flash version
Websearch Adobe Flash issues
Flash Uninstaller
Flash & The Future of Interactive Content (Abode, July 25, 2017)
-
-
Woody,
The link you provided to, Check your Flash version, https://helpx.adobe.com/flash-player.html is actually a help page that shows how to, “Install Flash Player in five easy steps” along with a link you can click to, “Check if Flash Player is installed on your computer”. In my case the link shows that I have version 24.0.0, but it doesn’t show if its version, 24.0.0.168, or version 24.0.0.194
The About Adobe Flash page found at https://www.adobe.com/software/flash/about/ might be more useful. When the page opens, it automatically indicates which version of flash player is installed which in my case is version 24.0.0.194. Below the version box there’s a table that indicates the most recent version for each platform and each browser.
If the flash player does need to be updated, there is a “Player Download Center” link just above the table that will take you directly to the update page for the platform and browser that you are using to view the article. To check for flash player updates for other platforms and browsers just open, https://www.adobe.com/software/flash/about/ from that browser, and use the same “Player Download Center” link to update it.
1 user thanked author for this post.
-
-
Good you have confirmed you are up to date, and that it worked for you.
🙂
-
-
Thanks for your input.
https://www.adobe.com/software/flash/about/ is the link under “Adobe Latest Version for Flash Player”.
-
-
anonymous -
19 old updates for Flash Player for Windows 2012 R2 have been expired by Microsoft as today 2nd February 2017. I don’t have confirmation for Windows 8.1 or other versions, but I think this applies at least to Windows 8.1.
This is part of the maintenance effort to avoid the slowing down of the scans for Windows Update.
There is more to be done in the Windows 8.1/2012 R2 space as based on my experience, Windows Update for both OS is slow, similar to what was experienced with Windows 7 in the recent past. This is more true for new installations or those who are far behind in keeping up with all updates. There are ways around the issue, but I think the reason that the issue is not so visible is that Windows 8.1 is a lot less in use than Windows 7.
The server OS is normally maintained differently and is less within the scope of the current discussion.EDIT:
It appears that there have been a large number of IE CUs for Windows 8.1 which have been expired today, while the same Flash Player older updates which are now expired for Windows 2012 R2, were expired a week ago for Windows 8.1, at the same time with the CU updates expired for 2012 R2.
As I said in the original post, this is normal ongoing maintenance which has not been happening very much in the past few years, generating slow WU scanning.-
This reply was modified 1 year, 5 months ago by
ch100. Reason: Update
-
This reply was modified 1 year, 5 months ago by
-
Permalink for the latest Flash Player Uninstaller: http://download.macromedia.com/get/flashplayer/current/support/uninstall_flash_player.exe.
Useful prior to switching between major versions and when troubleshooting bugs/crashes, or when flushing out old or multiple versions etc.
4 users thanked author for this post.
-
-
Not quite manual. Go inside the Chrome URL Bar and type “chrome://components”. This takes you to the internal Chrome Components Updates page. Scroll down to Flash Player, and hit its Update button. If there’s an available update, this will update just the Flash Player, not the browser itself.
Chrome went over to Component Updating around Chrome 50.While these updates should fire off automatically, sometimes they fail to do so. Also, the Main Branch (Chromexxx.m) gets the updates later than the Dev (Canary) Branch or the Beta Branch. I run Chrome Beta for this reason.
For Edge and IE, use the wushowhide trick to block any unwanted MS Updates, and just run MS Updates for Flash Player and if available, Microsoft Malicious Software Removal Tool. Save the CU’s for the end of the month.
-- rc primak
1 user thanked author for this post.
-
-
anonymousI believe the online Adobe Flash Player Settings Manager also has a few options that are only accessible at http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager03.html also.
1 user thanked author for this post.
-
anonymous-
This may be what you are referring to:
-
-
anonymous -
anonymous -
Latest Version: 25.0.0.127
Offline Installers are available online (see bottom of linked page for relevant version).Adobe Security Bulletin: 14 March 2017
-
This reply was modified 1 year, 4 months ago by
1 user thanked author for this post.
-
This reply was modified 1 year, 4 months ago by
-
Latest Version 25.0.0.148
Adobe Security Bulletin: 11 April 2017Offline Installers are available online (see bottom of linked page for relevant version).
Online installer link: https://get.adobe.com/flashplayer/
-
-
FlashPlayer for IE11 from Adobe is only necessary for Win7. The FlashPlayer update for IE11 for Win8.1 and Win10 are provided by Microsoft through WU.
-
This reply was modified 1 year, 3 months ago by
PKCano.
-
-
A link in the security bulletin I posted today leads you to:
https://technet.microsoft.com/en-us/library/security/MS17-023You should find the necessary links you seek there.
Executive Summary
This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, Windows 10, and Windows Server 2016.
This security update is rated Critical. The update addresses the vulnerabilities in Adobe Flash Player by updating the affected Adobe Flash libraries contained within Internet Explorer 10, Internet Explorer 11, and Microsoft Edge. For more information, see the Affected Software section.
For more information about this update, see Microsoft Knowledge Base Article 4014329.
1 user thanked author for this post.
-
This reply was modified 1 year, 3 months ago by
-
-
-
Latest Version 25.0.0.171
Adobe Security Bulletin: May 9, 2017Adobe Offline Installers are available online (see bottom of linked page for relevant version).
Adobe Online installer link: https://get.adobe.com/flashplayer/
MS Windows Support link: KB4020821
-
-
There is a huge shift away from it, and if you can manage without it, that’s good.
However, if you do require it, it needs to be kept up to date. If possible, have it set to “ask first” before it activates.
2 users thanked author for this post.
-
-
Latest Version:
26.0.0.126 (Desktop Runtime & Google Chrome) &
26.0.0.120 (IE11 & Edge on Win 8.1, 10)
Adobe Security Bulletin: June 13, 2017Adobe Offline Installers are available online (see bottom of linked page for relevant version)
Adobe Online installer link: https://get.adobe.com/flashplayer/
MS Security Advisory: ADV170007
-
anonymous-
According to the release notes, this is a bug fix, not a security update 🙂
June 16, 2017
In today’s release, we’ve updated Flash Player to address a bug that was impacting some Flash content. If you are having problems interacting with mouse button presses or drag and drop actions, we recommend you update to today’s release.June 13, 2017
In today’s scheduled release, we’ve updated Flash Player and AIR with important bug fixes, security updates, and new features.
-
From Michael Horowitz on computerworld.com:
Flash Player Updated just 3 days after an update
Jun 18, 2017The latest version is now 26.0.0.131, except, of course, with Microsoft’s browsers.
The version used by the Edge browser was not updated and it remains at 26.0.0.120. The situation with Internet Explorer is so poorly explained, I can’t even guess.
According to Adobe, “Internet Explorer – ActiveX” should be using the new version 26.0.0.131 while “Internet Explorer (embedded – Windows 8.1) – ActiveX” should be using the older version 26.0.0.120. Someone at Adobe likes puzzles.
Chrome on Windows should be using the latest version, but I have found that the browser frequently reports itself as being up to date, even when the Flash Player is not. To force Chrome to update Flash, see my blog from February: How to immediately update Flash in Chrome.
Read the full article here
1 user thanked author for this post.
-
-
-
The July critical updates to Adobe Flash Player for all browsers have now gone live. Here are the direct download links for version 26.0.0.137; right-click on a link and select “Save Link As…”:
Flash Player for Firefox 26.0.0.137 – NPAPI | 19.6 MB
Flash Player for Internet Explorer 26.0.0.137 – ActiveX | 19.1 MB
Flash Player for Opera and Chromium-based browsers 26.0.0.137 – PPAPI | 19.6 MB
For a clean installation, existing versions must first be uninstalled: Adobe Flash Player Uninstaller 26.0.0.137 | 1.22 MB
(Adobe Flash Player for IE and Edge in Win 8, 8.1 and 10 will be available through Windows Update sometime after 10 AM (PT) Tuesday, 11 July 2017.)
-
Latest Version:
26.0.0.151 (Desktop Runtime & Google Chrome) & (IE11 & Edge on Win 8.1, 10)
Adobe Security Bulletin: August 8, 2017Adobe Offline Installers are available online (see bottom of linked page for relevant version)
Adobe Online installer link: https://get.adobe.com/flashplayer/
MS Security Advisory: ADV170009
1 user thanked author for this post.
-
-
Yes, Win7 only. Flash is provided for IE11 by MS for Win8.1 and Win10.
1 user thanked author for this post.
-
-
From Kaspersky Lab’s threatpost.com:
Patched Flash Player Sandbox Escape Leaked Windows Credentials
by Michael Mimoso | August 10, 2017
One of the patches included in Tuesday’s Adobe Flash Player update was a do-over after the researcher who privately reported the problem earlier this year discovered the original patch incompletely resolved the issue.Dutch researcher Bjorn Ruytenberg disclosed details after Adobe updated the soon-to-be deprecated Flash Player on Tuesday to version 26. Flash Player 23, released close to a year ago, closed off a local sandbox escape, but Ruytenberg found the update failed to address the vulnerability locally if networking was enabled, or remotely.
Read the full article here
1 user thanked author for this post.
-
Further, from bleepingcomputer.com:
Recently Patched Flash Bug Can Leak Windows Credentials
By Catalin Cimpanu | August 11, 2017
Earlier this week, Adobe patched a vulnerability in Flash Player that allows an attacker to use malicious Flash files to leak Windows credentials.The security issue is tracked under the CVE-2017-3085 identifier and affects Flash Player versions from 23.0.0.162 up to 26.0.0.137, running on Windows XP, Vista, 7, 8.x, and 10.
Read the full article here
1 user thanked author for this post.
-
-
-
This is the US-Cert Alert related to Woody’s blogpost Adobe Flash player security update is out (October 16th):
Adobe Releases Security Updates
https://www.us-cert.gov/ncas/current-activity/2017/10/16/Adobe-Releases-Security-UpdatesOriginal release date: October 16, 2017
Adobe has released security updates to address a vulnerability in Adobe Flash Player. A remote attacker could exploit this vulnerability to take control of an affected system.US-CERT encourages users and administrators to review Adobe Security Bulletin APSB17-32 (link is external) and apply the necessary updates.
1 user thanked author for this post.
-
Another update for Adobe Flash Player, is for functionality NOT security reasons:
Release Notes for Flash Player 27 and AIR 27
Welcome to the Flash Player and AIR 27 release notes!
October 25, 2017
In today’s release, we’ve updated Flash Player with an important functional fix impacting Flex content and recommend those users impacted update.Thanks to @ajnorth for the permalinks to the current updates, in addition to the permalinks at the top of this topic:
NPAPI: https://fpdownload.macromedia.com/pub/flashplayer/latest/help/install_flash_player.exe
AX: https://fpdownload.macromedia.com/pub/flashplayer/latest/help/install_flash_player_ax.exe
PPAPI: https://fpdownload.macromedia.com/pub/flashplayer/latest/help/install_flash_player_ppapi.exe
Uninstaller: http://download.macromedia.com/get/flashplayer/current/support/uninstall_flash_player.exe
-
Get the newest Flash 27 updates here (ActiveX for XP/Vista/Win7) (NPAPI) (PPAPI)
Adobe has silently updated this packages to 27.0.0.183 as I’ve just downloaded these updates myself today.The Adobe Flash Player “about” versions page now mentions v27.0.0.183:
http://get.adobe.com/flashplayer/about/According to Release Notes, no changes since Oct. 25th, but according to the About Flash page, updates have been issued for other than Win8.1 & Win10 (links to both pages above)
-
-
Adobe Releases Security Updates
https://www.us-cert.gov/ncas/current-activity/2017/11/14/Adobe-Releases-Security-UpdatesOriginal release date: November 14, 2017
Adobe has released security updates to address vulnerabilities in Flash Player, Photoshop CC, Adobe Connect, DNG Converter, InDesign, Digital Editions, Shockwave Player, and Experience Manager. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.US-CERT encourages users and administrators to review Adobe Security Bulletins APSB17-33, APSB17-34, APSB17-35, APSB17-37, APSB17-38, APSB17-39, APSB17-40, and APSB17-41, and apply the necessary updates.
-
Adobe Security Bulletin
https://helpx.adobe.com/security/products/flash-player/apsb17-42.html
Security updates available for Flash Player | APSB17-42
Last Published: December 13, 2017Bulletin ID: APSB17-42
Date Published: December 12, 2017
Priority: 2Summary
Adobe has released a security update for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. This update addresses a regression that could lead to the unintended reset of the global settings preference file.Affected Product Versions : 27.0.0.187
Solution: 28.0.0.126(No US-Cert post found yet)
1 user thanked author for this post.
-
anonymous-
Depending on the browser you are using, the links above may apply.
-
-
Adobe Security Bulletin
https://helpx.adobe.com/security/products/flash-player/apsb18-01.htmlSecurity updates available for Flash Player | APSB18-01
Bulletin ID: APSB18-01
Date Published: January 9, 2018
Priority: 2
Summary:
Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. These updates address an important out-of-bounds read vulnerability that could lead to information exposure.Affected Product Versions: 28.0.0.126
Solution: 28.0.0.137
-
Security updates available for Flash Player | APSB18-03
https://helpx.adobe.com/security/products/flash-player/apsb18-03.htmlBulletin ID: APSB18-03
Date Published: February 6, 2018
Priority: 1
Summary:
Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. These updates address critical vulnerabilities that could lead to remote code execution in Adobe Flash Player 28.0.0.137 and earlier versions. Successful exploitation could potentially allow an attacker to take control of the affected system.Adobe is aware of a report that an exploit for CVE-2018-4878 exists in the wild, and is being used in limited, targeted attacks against Windows users. These attacks leverage Office documents with embedded malicious Flash content distributed via email.
Affected Product Versions: 28.0.0.137
Solution: 28.0.0.161
-
Adobe AIR has been updated to version 29.0.0.112 – https://get.adobe.com/air/
Adobe Flash Player has been updated to version 29.0.0.113. Executables for manual installation (Right-click; select Save Link As):Flash Player for Firefox 29.0.0.113 – NPAPI
Flash Player for Internet Explorer 29.0.0.113 – ActiveX
Flash Player for Opera and Chromium-based browsers 29.0.0.113 – PPAPI
-
Security updates available for Flash Player | APSB18-16
https://helpx.adobe.com/security/products/flash-player/apsb18-16.htmlBulletin ID: APSB18-16
Date Published: May 8, 2018
Priority: 2Summary:
Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. These updates address critical vulnerabilities in Adobe Flash Player 29.0.0.140 and earlier versions. Successful exploitation could lead to arbitrary code execution in the context of the current user.Affected Product Versions: 29.0.0.140 and earlier versions
Solution: 29.0.0.171Find links above for updates
Security bulletins were also issued for Creative Cloud Desktop Application (Priority 2) & Adobe Connect (Priority 2)
2 users thanked author for this post.
-
Adobe Security Bulletin:
Security updates available for Flash Player | APSB18-19
https://helpx.adobe.com/security/products/flash-player/apsb18-19.htmlBulletin ID: APSB18-19
Date Published: June 7, 2018
Priority: 1Summary:
Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address critical vulnerabilities in Adobe Flash Player 29.0.0.171 and earlier versions. Successful exploitation could lead to arbitrary code execution in the context of the current user.Adobe is aware of a report that an exploit for CVE-2018-5002 exists in the wild, and is being used in limited, targeted attacks against Windows users. These attacks leverage Office documents with embedded malicious Flash Player content distributed via email.
Affected Product Versions: 29.0.0.171 and earlier versions
Solution: 30.0.0.113
Find links above for updates for browser versionsSee also, on Code Red: Adobe Flash Zero Day Patch
-
Find links above for updates for browser versions
… or, for the 47% running Windows 8.1/10, find them here:
2018-06 Security Update for Adobe Flash Player for Windows 8.1/10
1 user thanked author for this post.
-
I am aware of people successfully loading the appropriate browser updates for Flash, in Win10 machines (they are using non-MS browsers, as far as I know).
-
… or, for the 47% running Windows 8.1/10, find them here: 2018-06 Security Update for Adobe Flash Player for Windows 8.1/10
As far as I know, that will only help you if you only want to update Flash in IE and Edge. If you’re one of the 84% who doesn’t use MS browsers, you’ll still have to get the updates from Adobe.
1 user thanked author for this post.
-
-
You can get it for gecko based browsers and Chrome based browsers direct from Macromedia ftp download. The links for each type of Flash Player are buried in an old Adobe help page that says it is for Windows 7. However, the page is kept fully up to date for the downloads. I have bookmarked the ftp download links in my default browser and I fetch Flash Player quickly this way. I have been doing it this way for years on both Windows 8.0 Pro and Windows 10 Pro 1709.
The first link is for gecko based browsers and the second for Chromium based:
https://fpdownload.macromedia.com/pub/flashplayer/latest/help/install_flash_player.exe
https://fpdownload.macromedia.com/pub/flashplayer/latest/help/install_flash_player_ppapi.exe
(I’m not sure if ftp download links are allowed so, if not, this is the Adobe Flash Player help page where they are located UNDER “Still Having Problems”.
https://helpx.adobe.com/flash-player/kb/installation-problems-flash-player-windows.html
For IE and Edge, I get that from Microsoft update catalog (and make sure I have the current servicing stack update first).
-
This reply was modified 1 month, 2 weeks ago by
Mele20.
-
This reply was modified 1 month, 2 weeks ago by
-
Adobe Security Bulletin:
Security updates available for Flash Player | APSB18-24
https://helpx.adobe.com/security/products/flash-player/apsb18-24.htmlBulletin ID: APSB18-24
Date Published: July 10, 2018
Priority: 2
Summary:
Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address critical vulnerabilities in Adobe Flash Player 30.0.0.113 and earlier versions. Successful exploitation could lead to arbitrary code execution in the context of the current user.Affected Product Versions: 30.0.0.113 and earlier versions
Solution: 30.0.0.134
Find links above for updates for browser versions
KB 4338832 for Win8.1/10 offline installer (prerequisite noted: KB 4132216 SSU)
Keep AskWoody alive and free
Shop on Amazon by clicking on our affiliate link.
Buy anything, AskWoody gets a small bounty.
No charge to you, of course.
Recent Replies
-
anonymous on
22 minutes ago -
Grond on
1 hour, 24 minutes ago -
GoneToPlaid on
2 hours, 5 minutes ago -
3 hours, 2 minutes ago
-
JohnW on
3 hours, 5 minutes ago -
OscarCP on
3 hours, 29 minutes ago -
3 hours, 42 minutes ago
-
glnz on
4 hours, 7 minutes ago -
johnf on
4 hours, 11 minutes ago -
4 hours, 17 minutes ago
-
4 hours, 23 minutes ago
-
4 hours, 24 minutes ago
-
4 hours, 26 minutes ago
-
4 hours, 36 minutes ago
-
4 hours, 37 minutes ago
-
PaulK on
4 hours, 48 minutes ago -
4 hours, 50 minutes ago
-
4 hours, 54 minutes ago
-
5 hours, 45 minutes ago
-
Charlie on
5 hours, 57 minutes ago