|
There are isolated problems with current patches, but they are well-known and documented on this site. |
.AKB1000002: Links to Flash update resources
By @Kirsty
Published 3 Feb 2017: rev 1.2
Links for Offline Installers from Adobe:
For Firefox: npapi.exe
For Chrome/Opera: ppapi.exe
For Internet Explorer (ActiveX): ax.exe
Link for Online Updater from Adobe: get.adobe.com
Adobe Release Notes for Flash Player
Adobe Latest Version for Flash Player
Check your Flash version
Websearch Adobe Flash issues
Flash Uninstaller
Flash & The Future of Interactive Content (Abode, July 25, 2017)
As far as I am aware, Dave, it relates to all Windows OS.
Woody,
The link you provided to, Check your Flash version, https://helpx.adobe.com/flash-player.html is actually a help page that shows how to, “Install Flash Player in five easy steps” along with a link you can click to, “Check if Flash Player is installed on your computer”. In my case the link shows that I have version 24.0.0, but it doesn’t show if its version, 24.0.0.168, or version 24.0.0.194
The About Adobe Flash page found at https://www.adobe.com/software/flash/about/ might be more useful. When the page opens, it automatically indicates which version of flash player is installed which in my case is version 24.0.0.194. Below the version box there’s a table that indicates the most recent version for each platform and each browser.
If the flash player does need to be updated, there is a “Player Download Center” link just above the table that will take you directly to the update page for the platform and browser that you are using to view the article. To check for flash player updates for other platforms and browsers just open, https://www.adobe.com/software/flash/about/ from that browser, and use the same “Player Download Center” link to update it.
Good you have confirmed you are up to date, and that it worked for you.
🙂
Thanks for your input.
https://www.adobe.com/software/flash/about/ is the link under “Adobe Latest Version for Flash Player”.
Fyi, the free Avast antivirus program(for home users) has an optional Software Updater scanner/tool(installed by default) which can update the Adobe Flash Player for both the Firefox n IE browsers, besides updating other programs, eg 7-Zip, Java Runtime, VLC, etc.
Permalink for the latest Flash Player Uninstaller: http://download.macromedia.com/get/flashplayer/current/support/uninstall_flash_player.exe.
Useful prior to switching between major versions and when troubleshooting bugs/crashes, or when flushing out old or multiple versions etc.
Not quite manual. Go inside the Chrome URL Bar and type “chrome://components”. This takes you to the internal Chrome Components Updates page. Scroll down to Flash Player, and hit its Update button. If there’s an available update, this will update just the Flash Player, not the browser itself.
Chrome went over to Component Updating around Chrome 50.While these updates should fire off automatically, sometimes they fail to do so. Also, the Main Branch (Chromexxx.m) gets the updates later than the Dev (Canary) Branch or the Beta Branch. I run Chrome Beta for this reason.
For Edge and IE, use the wushowhide trick to block any unwanted MS Updates, and just run MS Updates for Flash Player and if available, Microsoft Malicious Software Removal Tool. Save the CU’s for the end of the month.
-- rc primak
I believe the online Adobe Flash Player Settings Manager also has a few options that are only accessible at http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager03.html also.
This may be what you are referring to:
Latest Version: 25.0.0.127
Offline Installers are available online (see bottom of linked page for relevant version).
Latest Version 25.0.0.148
Adobe Security Bulletin: 11 April 2017
Offline Installers are available online (see bottom of linked page for relevant version).
Online installer link: https://get.adobe.com/flashplayer/
A link in the security bulletin I posted today leads you to:
https://technet.microsoft.com/en-us/library/security/MS17-023
You should find the necessary links you seek there.
Executive Summary
This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, Windows 10, and Windows Server 2016.
This security update is rated Critical. The update addresses the vulnerabilities in Adobe Flash Player by updating the affected Adobe Flash libraries contained within Internet Explorer 10, Internet Explorer 11, and Microsoft Edge. For more information, see the Affected Software section.
For more information about this update, see Microsoft Knowledge Base Article 4014329.
Latest Version 25.0.0.171
Adobe Security Bulletin: May 9, 2017
Adobe Offline Installers are available online (see bottom of linked page for relevant version).
Adobe Online installer link: https://get.adobe.com/flashplayer/
MS Windows Support link: KB4020821
There is a huge shift away from it, and if you can manage without it, that’s good.
However, if you do require it, it needs to be kept up to date. If possible, have it set to “ask first” before it activates.
Latest Version:
26.0.0.126 (Desktop Runtime & Google Chrome) &
26.0.0.120 (IE11 & Edge on Win 8.1, 10)
Adobe Security Bulletin: June 13, 2017
Adobe Offline Installers are available online (see bottom of linked page for relevant version)
Adobe Online installer link: https://get.adobe.com/flashplayer/
MS Security Advisory: ADV170007
According to the release notes, this is a bug fix, not a security update 🙂
June 16, 2017
In today’s release, we’ve updated Flash Player to address a bug that was impacting some Flash content. If you are having problems interacting with mouse button presses or drag and drop actions, we recommend you update to today’s release.June 13, 2017
In today’s scheduled release, we’ve updated Flash Player and AIR with important bug fixes, security updates, and new features.
From Michael Horowitz on computerworld.com:
Flash Player Updated just 3 days after an update
Jun 18, 2017
The latest version is now 26.0.0.131, except, of course, with Microsoft’s browsers.
The version used by the Edge browser was not updated and it remains at 26.0.0.120. The situation with Internet Explorer is so poorly explained, I can’t even guess.
According to Adobe, “Internet Explorer – ActiveX” should be using the new version 26.0.0.131 while “Internet Explorer (embedded – Windows 8.1) – ActiveX” should be using the older version 26.0.0.120. Someone at Adobe likes puzzles.
Chrome on Windows should be using the latest version, but I have found that the browser frequently reports itself as being up to date, even when the Flash Player is not. To force Chrome to update Flash, see my blog from February: How to immediately update Flash in Chrome.
Read the full article here
The July critical updates to Adobe Flash Player for all browsers have now gone live. Here are the direct download links for version 26.0.0.137; right-click on a link and select “Save Link As…”:
Flash Player for Firefox 26.0.0.137 – NPAPI | 19.6 MB
Flash Player for Internet Explorer 26.0.0.137 – ActiveX | 19.1 MB
Flash Player for Opera and Chromium-based browsers 26.0.0.137 – PPAPI | 19.6 MB
For a clean installation, existing versions must first be uninstalled: Adobe Flash Player Uninstaller 26.0.0.137 | 1.22 MB
(Adobe Flash Player for IE and Edge in Win 8, 8.1 and 10 will be available through Windows Update sometime after 10 AM (PT) Tuesday, 11 July 2017.)
Latest Version:
26.0.0.151 (Desktop Runtime & Google Chrome) & (IE11 & Edge on Win 8.1, 10)
Adobe Security Bulletin: August 8, 2017
Adobe Offline Installers are available online (see bottom of linked page for relevant version)
Adobe Online installer link: https://get.adobe.com/flashplayer/
MS Security Advisory: ADV170009
Yes, Win7 only. Flash is provided for IE11 by MS for Win8.1 and Win10.
I believe those using non-MS (& legacy) browser versions (such as Firefox ESR) are also able to download updates using the links provided.
From Kaspersky Lab’s threatpost.com:
Patched Flash Player Sandbox Escape Leaked Windows Credentials
by Michael Mimoso | August 10, 2017
One of the patches included in Tuesday’s Adobe Flash Player update was a do-over after the researcher who privately reported the problem earlier this year discovered the original patch incompletely resolved the issue.
Dutch researcher Bjorn Ruytenberg disclosed details after Adobe updated the soon-to-be deprecated Flash Player on Tuesday to version 26. Flash Player 23, released close to a year ago, closed off a local sandbox escape, but Ruytenberg found the update failed to address the vulnerability locally if networking was enabled, or remotely.
Read the full article here
Further, from bleepingcomputer.com:
Recently Patched Flash Bug Can Leak Windows Credentials
By Catalin Cimpanu | August 11, 2017
Earlier this week, Adobe patched a vulnerability in Flash Player that allows an attacker to use malicious Flash files to leak Windows credentials.
The security issue is tracked under the CVE-2017-3085 identifier and affects Flash Player versions from 23.0.0.162 up to 26.0.0.137, running on Windows XP, Vista, 7, 8.x, and 10.
Read the full article here
This is the US-Cert Alert related to Woody’s blogpost Adobe Flash player security update is out (October 16th):
Adobe Releases Security Updates
https://www.us-cert.gov/ncas/current-activity/2017/10/16/Adobe-Releases-Security-Updates
Original release date: October 16, 2017
Adobe has released security updates to address a vulnerability in Adobe Flash Player. A remote attacker could exploit this vulnerability to take control of an affected system.
US-CERT encourages users and administrators to review Adobe Security Bulletin APSB17-32 (link is external) and apply the necessary updates.
Another update for Adobe Flash Player, is for functionality NOT security reasons:
Release Notes for Flash Player 27 and AIR 27
Welcome to the Flash Player and AIR 27 release notes!
October 25, 2017
In today’s release, we’ve updated Flash Player with an important functional fix impacting Flex content and recommend those users impacted update.
Thanks to @ajnorth for the permalinks to the current updates, in addition to the permalinks at the top of this topic:
NPAPI: https://fpdownload.macromedia.com/pub/flashplayer/latest/help/install_flash_player.exe
AX: https://fpdownload.macromedia.com/pub/flashplayer/latest/help/install_flash_player_ax.exe
PPAPI: https://fpdownload.macromedia.com/pub/flashplayer/latest/help/install_flash_player_ppapi.exe
Uninstaller: http://download.macromedia.com/get/flashplayer/current/support/uninstall_flash_player.exe
Get the newest Flash 27 updates here (ActiveX for XP/Vista/Win7) (NPAPI) (PPAPI)
Adobe has silently updated this packages to 27.0.0.183 as I’ve just downloaded these updates myself today.The Adobe Flash Player “about” versions page now mentions v27.0.0.183:
http://get.adobe.com/flashplayer/about/
According to Release Notes, no changes since Oct. 25th, but according to the About Flash page, updates have been issued for other than Win8.1 & Win10 (links to both pages above)
Adobe Releases Security Updates
https://www.us-cert.gov/ncas/current-activity/2017/11/14/Adobe-Releases-Security-Updates
Original release date: November 14, 2017
Adobe has released security updates to address vulnerabilities in Flash Player, Photoshop CC, Adobe Connect, DNG Converter, InDesign, Digital Editions, Shockwave Player, and Experience Manager. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.
US-CERT encourages users and administrators to review Adobe Security Bulletins APSB17-33, APSB17-34, APSB17-35, APSB17-37, APSB17-38, APSB17-39, APSB17-40, and APSB17-41, and apply the necessary updates.
Adobe Security Bulletin
https://helpx.adobe.com/security/products/flash-player/apsb17-42.html
Security updates available for Flash Player | APSB17-42
Last Published: December 13, 2017
Bulletin ID: APSB17-42
Date Published: December 12, 2017
Priority: 2
Summary
Adobe has released a security update for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. This update addresses a regression that could lead to the unintended reset of the global settings preference file.
Affected Product Versions : 27.0.0.187
Solution: 28.0.0.126
(No US-Cert post found yet)
Depending on the browser you are using, the links above may apply.
Adobe Security Bulletin
https://helpx.adobe.com/security/products/flash-player/apsb18-01.html
Security updates available for Flash Player | APSB18-01
Bulletin ID: APSB18-01
Date Published: January 9, 2018
Priority: 2
Summary:
Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. These updates address an important out-of-bounds read vulnerability that could lead to information exposure.
Affected Product Versions: 28.0.0.126
Solution: 28.0.0.137
Security updates available for Flash Player | APSB18-03
https://helpx.adobe.com/security/products/flash-player/apsb18-03.html
Bulletin ID: APSB18-03
Date Published: February 6, 2018
Priority: 1
Summary:
Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. These updates address critical vulnerabilities that could lead to remote code execution in Adobe Flash Player 28.0.0.137 and earlier versions. Successful exploitation could potentially allow an attacker to take control of the affected system.
Adobe is aware of a report that an exploit for CVE-2018-4878 exists in the wild, and is being used in limited, targeted attacks against Windows users. These attacks leverage Office documents with embedded malicious Flash content distributed via email.
Affected Product Versions: 28.0.0.137
Solution: 28.0.0.161
Adobe AIR has been updated to version 29.0.0.112 – https://get.adobe.com/air/
Adobe Flash Player has been updated to version 29.0.0.113. Executables for manual installation (Right-click; select Save Link As):
Flash Player for Firefox 29.0.0.113 – NPAPI
Flash Player for Internet Explorer 29.0.0.113 – ActiveX
Flash Player for Opera and Chromium-based browsers 29.0.0.113 – PPAPI
Security updates available for Flash Player | APSB18-16
https://helpx.adobe.com/security/products/flash-player/apsb18-16.html
Bulletin ID: APSB18-16
Date Published: May 8, 2018
Priority: 2
Summary:
Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. These updates address critical vulnerabilities in Adobe Flash Player 29.0.0.140 and earlier versions. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Affected Product Versions: 29.0.0.140 and earlier versions
Solution: 29.0.0.171
Find links above for updates
Security bulletins were also issued for Creative Cloud Desktop Application (Priority 2) & Adobe Connect (Priority 2)
Adobe Security Bulletin:
Security updates available for Flash Player | APSB18-19
https://helpx.adobe.com/security/products/flash-player/apsb18-19.html
Bulletin ID: APSB18-19
Date Published: June 7, 2018
Priority: 1
Summary:
Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address critical vulnerabilities in Adobe Flash Player 29.0.0.171 and earlier versions. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Adobe is aware of a report that an exploit for CVE-2018-5002 exists in the wild, and is being used in limited, targeted attacks against Windows users. These attacks leverage Office documents with embedded malicious Flash Player content distributed via email.
Affected Product Versions: 29.0.0.171 and earlier versions
Solution: 30.0.0.113
Find links above for updates for browser versions
See also, on Code Red: Adobe Flash Zero Day Patch
Find links above for updates for browser versions
… or, for the 47% running Windows 8.1/10, find them here:
2018-06 Security Update for Adobe Flash Player for Windows 8.1/10
Windows 11 Pro version 22H2 build 22621.1194 + Microsoft 365/Edge
I am aware of people successfully loading the appropriate browser updates for Flash, in Win10 machines (they are using non-MS browsers, as far as I know).
… or, for the 47% running Windows 8.1/10, find them here: 2018-06 Security Update for Adobe Flash Player for Windows 8.1/10
As far as I know, that will only help you if you only want to update Flash in IE and Edge. If you’re one of the 84% who doesn’t use MS browsers, you’ll still have to get the updates from Adobe.
Dell XPS 13/9310, i5-1135G7/16GB, OpenSUSE Tumbleweed
XPG Xenia 15, i7-9750H/16GB & GTX1660ti, OpenSUSE Tumbleweed
You’ll find those links above 🙂
Adobe Security Bulletin:
Security updates available for Flash Player | APSB18-24
https://helpx.adobe.com/security/products/flash-player/apsb18-24.html
Bulletin ID: APSB18-24
Date Published: July 10, 2018
Priority: 2
Summary:
Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address critical vulnerabilities in Adobe Flash Player 30.0.0.113 and earlier versions. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Affected Product Versions: 30.0.0.113 and earlier versions
Solution: 30.0.0.134
Find links above for updates for browser versions
KB 4338832 for Win8.1/10 offline installer (prerequisite noted: KB 4132216 SSU)
Adobe Security Bulletin:
Security updates available for Flash Player | APSB18-25
https://helpx.adobe.com/security/products/flash-player/apsb18-25.html
Bulletin ID: APSB18-25
Date Published: August 14, 2018
Priority: 2
Summary:
Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address important vulnerabilities in Adobe Flash Player 30.0.0.134 and earlier versions. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Affected Product Versions: 30.0.0.134 and earlier versions
Solution: 30.0.0.154
Find links above for updates for browser versions
KB 4343902 for Win8.1/10 offline installer (prerequisite noted: KB 4132216 SSU)
Adobe Security Bulletin
Security updates available for Flash Player | APSB18-31
https://helpx.adobe.com/security/products/flash-player/apsb18-31.html
Bulletin ID: APSB18-31
Date Published: September 11, 2018
Priority: 2
Summary:
Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address an important vulnerability in Adobe Flash Player 30.0.0.154 and earlier versions. Successful exploitation could lead to information disclosure.
Affected Product Versions: 30.0.0.154 and earlier versions
Solution: 31.0.0.108
Find links above for updates for browser versions
KB 4457146 for Win8.1/10 offline installer (same prerequisite as last month’s)
Adobe Security Bulletin
Security updates available for Flash Player | APSB18-39
https://helpx.adobe.com/security/products/flash-player/apsb18-39.html
Bulletin ID: APSB18-39
Date Published: Noveember 13, 2018
Priority: 2
Summary:
Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address an important vulnerability in Adobe Flash Player 31.0.0.122 and earlier versions. Successful exploitation could lead to information disclosure.
Affected Product Versions: 31.0.0.122 and earlier versions
Solution: 31.0.0.148
Find links above for updates for browser versions
KB 4467694 for Win8.1/10 offline installer (prerequisities mentioned)
The Security Bulletin related to today’s blogpost: Out of band update for Adobe Flash Player Nov. 19, 2018
Adobe Security Bulletin
Security updates available for Flash Player | APSB18-44
https://helpx.adobe.com/security/products/flash-player/apsb18-44.html
Bulletin ID: APSB18-44
Date Published: November 20, 2018
Priority: 1 (except Linux – priority 3)
Summary:
Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address a critical vulnerability in Adobe Flash Player 31.0.0.148 and earlier versions. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Technical details about this vulnerability are publicly available.
Further details (& Microsoft Catalog link) are in the blogpost; links, as always, are above.
Adobe Security Bulletin
Security updates available for Flash Player | APSB18-42
https://helpx.adobe.com/security/products/flash-player/apsb18-42.html
Bulletin ID: APSB18-42
Date Published: December 05, 2018
Priority: 1 (except Linux – priority 3)
Summary:
Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address one critical vulnerability in Adobe Flash Player and one important vulnerability in Adobe Flash Player installer. Successful exploitation could lead to Arbitrary Code Execution and privilege escalation in the context of the current user respectively.
Adobe is aware of reports that an exploit for CVE-2018-15982 exists in the wild.
Adobe Flash Player Affected Product Versions: 31.0.0.153 and earlier versions
Solution: 32.0.0.101
Adobe Flash Player Installer Affected Product Versions: 31.0.0.108 and earlier (priority 2)
Solution: 31.0.0.122
Find links above for updates for browser versions
KB 4471331 for Win8.1/10 offline installer
(MS KB information)
Wow also ANOTHER out-of-band Adobe Flash update on WU and in the catalog for december 2018:
https://www.theregister.co.uk/2018/12/05/flash_zeroday_adobe/
WaaS = Windows as a Syphon...suckers!
This is NOT A SECURITY UPDATE (yes, confusing!)
Security updates available for Flash Player | APSB19-01
https://helpx.adobe.com/security/products/flash-player/apsb19-01.html
Bulletin ID: APSB19-01
Date Published: January 08, 2019
Priority: 3
Summary:
Adobe has released updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address feature and performance bugs, and do not include security fixes.
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV190001:
Note: Please disregard mentions of security or vulnerability in this advisory. These are hardcoded titles that we were unable to change for this non-security Adobe Flash update.
❗
Adobe Security Bulletin
Security updates available for Flash Player | APSB19-06
https://helpx.adobe.com/security/products/flash-player/apsb19-06.html
Last Published: February 13, 2019
Bulletin ID: APSB19-06
Date Published: February 12, 2019
Priority: 2
Summary:
Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address one important vulnerability in Adobe Flash Player. Successful exploitation could lead to information disclosure in the context of the current user.
Affected Product Versions: 32.0.0.114 and earlier
Solution: 32.0.0.142
Find links above for updates for browser versions
KB 4487038 for Win8.1/10 offline installer
(MS KB information)
Security Updates were also issued for Creative Cloud Desktop (Priority 3), as well as Acrobat/Reader
Adobe Security Bulletin
Security updates available for Flash Player | APSB19-19
https://helpx.adobe.com/security/products/flash-player/apsb19-19.html
Last Published: April 10, 2019
Bulletin ID: APSB19-19
Date Published: April 9, 2019
Priority: 2
Summary:
Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address a critical and an important vulnerability in Adobe Flash Player. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Affected Product Versions: 32.0.0.156 and earlier
Solution: 32.0.0.171
Find links above for updates for browser versions
KB 4493478 for Win8.1/10 offline installer
(MS KB information)
Adobe Security Bulletin
Security updates available for Flash Player | APSB19-26
https://helpx.adobe.com/security/products/flash-player/apsb19-26.html
Last Published: May 14, 2019
Bulletin ID: APSB19-26
Date Published: May 15, 2019
Priority: 2
Summary
Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address a critical vulnerability in Adobe Flash Player. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Affected Product Versions: 32.0.0.171 and earlier
Solution: 32.0.0.192
Find links above for updates for browser versions
KB 4497932 for Win8.1/10 offline installer
(MS KB information)
Thanks, Kirsty & Woody for this. A quick way to access needed links… I’m currently up-to-date on Firefox, though I’ll need to update Windows & IE 11 in November. No biggie!
2 Machines for Now!
#1: Windows 8.1, 64-bit, back in Group A.
#2: Getting close to buying a refurbished Windows 10 64-bit, recently updated to v1909. Have broke the AC adapter cord going to the 8.1 machine, but before that, coaxed it into charging. Need to buy new adapter if wish to continue using it.
Wild Bill Rides Again...
? says:
no security in October Flash patch v32.0.0.270, just “important bug fixes,” ho hum:
https://helpx.adobe.com/flash-player/release-note/fp_32_air_32_release_notes.html
? says:
wow,i forgot to check for an Adobe Flash Player security patch on Win7 and according to:
https://helpx.adobe.com/flash-player/release-note/fp_32_air_32_release_notes.html
flash hasn’t had any “security” problems since September 2019. they must have finally got it right just in time to retire it?
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
