For the second time in less than a month, Adobe has issued an update to fix dangerous flaws in its Flash Player software. The patch addresses two vulnerabilities rated “critical,” but Adobe says it is not aware of active attacks against either flaw.
The fixes being released today address a pair of critical bugs that are present in Adobe Flash Player 22.214.171.124 and earlier versions for Windows, Mac, Linux and Solaris, Flash Player v 126.96.36.199 and earlier versions for Android 4.x, and Flash Player 188.8.131.52 and earlier versions for Android 3.x and 2.x. Adobe says both flaws in today’s release were reported by Google security researchers.
For Windows, Mac, Linux and Solaris users, the newest version is 184.108.40.206, and is available through the Player Download Center. To find out which version of Flash you have installed, visit this page. Users can grab the latest version from the Adobe Flash Player Download Center, although if you’re not careful to untick the check box next to whatever “optional” goodies Adobe tries to bundle with Flash Player (the most common is McAfee Security Scan Plus) you could end up with more than you wanted.
Windows users who browse the Web with Internet Explorer and another browser may need to apply the Flash update twice, once using IE and again with the other browser. Chrome normally auto-updates Flash – often hours or days before the fixes are publicly released for download — although for some reason I still had the vulnerable version 220.127.116.11 installed when Adobe’s security advisory was released today. According to the Chrome Releases blog, Google began pushing out an update last night that includes the new Flash version.
Today’s update comes close on the heels of a critical Flash patch that closed at least seven security holes, including one that was at the time already being exploited to break into vulnerable systems (that one, also, was reported by Google).
Direct links to the various versions here: https://www.adobe.com/special/products/flashplayer/fp_distribution3.html
Firefox + XP, here.
(1) When I go to the Adobe D/L site,
I’m offered Flash Player version: 10.3.183.16.
(2) If I go to MajorGeeks,
they offer Flash Player version: 18.104.22.168.
(3) the Question:
Which is the latest version of Flash Player
and where should I get D/L from?
(safely & w/o Adware, of course…)
thks for pointers!
See my posts. 😉
Weird, your 2 prev. posts (above mine),
only appeared after I posted my comment.
Is Krebs’s site
having a CSS styling problem? ~bad-hair day 🙂
(Firefox + XP here).
this Flash update,
is getting weirder by the minute.
(1) I UNinstalled Flash Player v.22.214.171.124.
(using the official ADOBE Flash Player uninstaller).
from my Firefox 3.6.27 / XP.
Ok – v.126.96.36.199 UNinstalled successfully.
(2) I then INSTALLED Flash Player v.188.8.131.52,
for Firefox , XP 32 bit –
from the Adobe site pointed by Tea-Time, (see links above)
But when I re-opened Firefox,
it still says
I have the old Flash Player v.184.108.40.206 installed…
The Adobe site also detects
that the old v.220.127.116.11 is still installed.
Any ideas of what’s happening?
I’ve had this exact same thing happen with Flash updates. Try rebooting the box and checking the version. If that doesn’t work, remove, reboot, reinstall Flash. Should work then.
Thanks Brian – did that,
but still get
the OLD Flash Player v.18.104.22.168 installed,
after D/L v.22.214.171.124 from Adobe.
Hmm! It looks like those direct links still point to v126.96.36.199 up on Adobe’s servers. I would like to take this opportunity to say.. freakin’ Adobe!!
Here are some more direct links I gleaned from another site. They are different than the ones on the direct links page I posted above and do give you v188.8.131.52!
Download Adobe Flash Player 11.1 (for all other browsers) 32-bit
Download Adobe Flash Player 11.1 (for all other browsers) 64-bit
Download Adobe Flash Player 11.1 (for Internet Explorer) 32-bit
Download Adobe Flash Player 11.1 (for Internet Explorer) 64-bit
This, most recent link (post above)
from Tea-Time, worked fine.
v.184.108.40.206 installed ok
in FF 3.6.27, XP-32 bit.
Thanks Tea-Time !!
Of course, we’ll never know
what’s happening @ Adobe HQs…
How can they botch such an important link
to the latest Flash Player, after all these critical vulnerabilities were discovered…?
You’re welcome, SFdude.
That’s a very good question!!
TEA-Time and SFdude, it’s v. 220.127.116.11, NOT 18.104.22.168! Stop mislabeling it as the latter! 😮
Whoops, that’s what I get for copy & pasting from SFdude’s post. Heh
My individual links were right. 😉
I think you forgot one thing, Brian: the Adobe Flash Player update for Mac users is 22.214.171.124, NOT 126.96.36.199! Just wanted to point that out to you.
Ya, I noticed the same thing. Interesting, that just that tiny number can make one slightly paranoid. 🙂
I like to use Ccleaner to check which versions are loaded. Takes only one operatioln. BTW that recent Mozilla up certainly sneaked through quietly.
Chrome still isn’t pushing the new version to me.
Google has now pushed out the new Chrome update.
Yeah! And it TOTALLY failed on Vista Home Premium x64. I can no longer use Chrome – good riddance for all I care, I didn’t like their new EULA.
So I went to Comodo and got their version of Chrome, and it works WAY better. They pay attention to privacy issues too! All my pluggins work better – I could go on and on – – – ]:)
ok – people on the DSLreports thread
are reporting exactly the same problem –
They d/l the new Flash Player v.188.8.131.52,
but they get the old Flash Player v.184.108.40.206…
see most recent posts,
at the bottom of the DSLreports thread:
SFdude, why do you keep mislabeling v. 220.127.116.11 as v. 18.104.22.168?
You are right, Debbie.
It’s 11.1… (NOT 11.2 ) .
” .63″ is finally installed & working fine,
thanks to Tea-Time’s perseverance.
I had some Darjeeling Tea later, in his honor.
Those are my initials, btw. It’s an oxymoron due to the fact that I really don’t even like tea. Heh
Me too. I am having such errors.
All is well now with the site css. It must have been a slow loading of scripts and graphics problem. Or, it was being restored from backups as I was viewing this article.
I’ll let you know if this happens again on my watch.
I have a feeling that many people like TEA-Time and SFdude keep mislabeling Adobe Flash Player 11.1 as “11.2”! FYI, Adobe Flash Player is NOT 11.2!
Number of security holes in Flash since last time: 20
Number of security holes in HTML5 video since last time: 0
Take the no-flash challenge: Uninstall it and don’t use it for one week. Then reinstall it, use it, and evaluate whether the security risk is worth it.
March 6, 2012
### BREAKING NEWS ! ### ADOBE PRESENTS: ###
Adobe SWF Investigator
Perform quick, comprehensive, analysis of SWF applications
Download and Discuss:
Discuss SWF Investigator:
Adobe® SWF Investigator is the only comprehensive, cross-platform, GUI-based set of tools, which enables quality engineers, developers and security researchers to quickly analyze SWF files to improve the quality and security of their applications. With SWF Investigator, you can perform both static and dynamic analysis of SWF applications with just one toolset. SWF Investigator lets you quickly inspect every aspect of a SWF file from viewing the individual bits all the way through to dynamically interacting with a running SWF.
Don’t know if this is a glitch of the newest flash player or a Firefox problem. Today–for no apparent reason–no video (e.g. YouTube et al.) can be adjusted on my XPSP3 system via the video’s own volume or screen size controls. On Firefox, I am stuck with the small image and with the volume controls on my computer and speakers. However, the YouTube et al. on-screen controls work for videos played on IE8.
Can’t find anything today via Google re this issue. Anyone else encounter it?
This evening, the problem disappeared as mysteriously and spontaneously as it appeared. I have no explanation for either.
I did the Flash update (on Windows XP) and now am going to have to reinstall the old version, because the new one disables the “Download This Video” capability.
I’m very annoyed that they did this without any prior notice. Could it be that Adobe regards it as a vulnerability when computer owners can download the videos we are viewing with Flash?
No computer has business being “secure” against its owner.