Adobe's Flash Player, just like Oracle's Java, seems to be in permanent focus when it comes to security. Both are preferred targets of hackers and criminals thanks to their wide distribution. Adobe this month released three security updates for Flash Player. The first two security updates were released on February 7 and 12, fixing critical security issues in Flash Player.
Yesterday, the company released a new security update for Flash Player that addresses several issues related to security. According to Adobe's security bulletin, version of Flash Player for Windows, Macintosh and Linux are affected and need to be updated to the latest version to resolve those issues.
Adobe has released security updates for Adobe Flash Player 11.6.602.168 and earlier versions for Windows, Adobe Flash Player 11.6.602.167 and earlier versions for Macintosh, and Adobe Flash Player 11.2.202.270 and earlier versions for Linux.
Adobe notes that some of the vulnerabilities are exploited on the Internet. The company mentions that they target the Firefox web browser specifically, and that they are designed to trick users into clicking on links that direct them to websites where malicious Flash contents are being loaded.
It is recommended to update Flash Player asap to patch the vulnerability. If that is not possible right now, it is highly suggested to either disable Flash completely in the browser for the time being, enable click to play if available, or to install an extension like NoScript to block plugin contents from being loaded automatically when websites are visited.
Note that the Flash version of Google Chrome and Internet Explorer 10 on Windows 8 will be automatically updated.
Check out this guide - it is for Java but the same methodology works also for Flash and other plugins - which explains how to use click to play or NoScript in Firefox.
You can check your version of Flash on this about page on the Adobe website.
Mozilla recently added several Flash Player versions to the company's blocklist, but the versions affected by the vulnerability are not among them.
Enjoyed the article?: Then sign-up for our free newsletter or RSS feed to kick off your day with the latest technology news and tips, or share the article with your friends and contacts on Facebook, Twitter or Google+ using the icons below.
I got sick of the constant java updates and uninstalled it yesterday. Adobe's new flash stub installer is burdensome and doesn't work half the time. I found the full download for it, which solved both problems. Does anyone have the address of the full download of the latest version?
Looks like they want you to apply for a redistribution license to get it.
Found it via a commenter at filehippo: http://www.adobe.com/products/flashplayer/distribution3.html
I think these are always the latest versions, as exe or MSI installer,
for the ActiveX and the plugin version:
Flash Player for Internet Explorer:
http://download.macromedia.com/get/flashplayer/current/licensing/win/install_flash_player_11_active_x.exe
http://download.macromedia.com/get/flashplayer/current/licensing/win/install_flash_player_11_active_x.msi
Flash Player for Other browsers:
http://download.macromedia.com/get/flashplayer/current/licensing/win/install_flash_player_11_plugin.exe
http://download.macromedia.com/get/flashplayer/current/licensing/win/install_flash_player_11_plugin.msi
Just checked and mine is V.11.6.602.175 - I am using Opera 12.14 right now. Probably it updated for loading that IE 10 few hours ago - after reading Martins mention. Thanks a lot.
As i hardly ever watch videos on internet , have never played online games and have never used flash based applications I have removed flash six months ago. right on the day which I purchased my new laptop which had flash prelinstalled.
Now that I got membership of Microsot IT academy I need flash player.
Hope big companies switch to HTML5 and leave flash for history.
Itself being a background app/process, Privatefirewall appears to be designed to work with IE, at least in the sense IE security settings impact Privatefirewall functioning regardless of its own settings.
On 02-27-13, Adobe had its third flash player update for the month; my Privatefirewall on Windows 7 Home Premium SP1 64 bit had no unresolved leaks up to then, but after said third flash update had several leaks appear...tried ALL kinds of adjustments to ALL Privatefirewall settings, and the same new leaks sat staring at me (at least w/o new ones).
Then I reset Privatefirewall back as I originally had it, and got into Internet Explorer's advanced internet options; I had to slowly fiddle with sliders/permissions in each IE zone re my peculiar OS build, but one by one as I did so, the new leaks disappeared and got Privatefirewall back to no unresolved leaks...whatever the new flask update had done, IE advanced internet options alone had cured. (Note: fiddling with flash player and assorted other things had no effects of any kind upon Privatefirewall.)
The ONLY thing I had to go outside IE or Privatefirewall to fix was to make another secure browser the default browser, which closed the impersonation vulnerability re ExplorerAsParent.
To me, that seems like one heck of an ironic Adobe security patch!
It would be most helpful if Adobe could carry out adequate testing before release.
This would save time all round.
liberte