Adobe has issued a security update for its Flash Player software that fixes at least two critical vulnerabilities in the widely-used program. At long last, this latest version also includes an auto-updating mechanism designed to streamline the deployment of Flash security fixes across multiple browsers.
If it seems like you just updated Flash to fix security holes, it’s not your imagination. This is the third security update for Flash in the last six weeks. Flash Player v. 11.2 addresses a couple of flaws in Adobe Flash Player 18.104.22.168 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 22.214.171.124 and earlier versions for Android 3.x and 2.x. Adobe warns that these vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system.
My previous posts on Flash updates have been accompanied by lengthy instructions about how to update the program. That’s in part because Adobe has traditionally deployed two separate installers for Windows based systems: One for Flash on Internet Explorer, and another for non-IE browsers. With the release of Flash Player 11.2, Adobe is introducing a new background update mechanism for Windows users that promises to take some of the pain out of updating.
Here’s how Adobe describes the updates to its updater:
The new Adobe Flash Player background updater updates all instances of a release version of Adobe Flash Player for all Web browsers on a computer. Previously, users had to perform separate updates for each Web browser running on their system.
With the introduction of the new background updater, Windows users have the option to download and install updates for Adobe Flash Player automatically (when available), without user interaction. After a successful installation of Adobe Flash Player 11.2, users are presented with a dialog box to choose an update method. The following three update options are available to users:
§ Install updates automatically when available (recommended)
§ Notify me when updates are available
§ Never check for updates (not recommended)
Additionally, the user can change his update preferences at any time via the Flash Player Settings Manager, which for Windows users can be accessed via the Control Panel > Flash Player. In the Flash Player Settings Manager, the update preferences can be found and selected in the “Advanced” tab under “Updates.”
Want to learn which version of Flash you have on your system? Visit this link. Updates are available via the Adobe Flash Player Download Center. Google’s Chrome browser usually auto-installs Flash updates, often before Adobe even publicizes them. But this is the second time Chrome has fallen behind on that front: My installation of Chrome still shows version 11,1,102,63.
Sadly, Adobe’s fancy new updater doesn’t go beyond Flash itself. If you have Adobe Air installed (that means you, Tweetdeck users), Air will need to be updated as well to accommodate these Flash fixes. For more on how to do that, see these instructions.