version 35 says newest adobe flash player 16 is vulnerable when adobe says this the lastest version
I've updated to latest version of adobe shockware flash 16-released 1/22/2015-but plug-in status page says its vulnerable and needs updating. My other software security program PSI says its ok. What's up with this? How come Firefox is saying this plug-in is vulnerable?
Semua Balasan (4)
You need to have Flash 16.0.0.287. Anything lower is vulnerable to various security holes.
You can download and install it from https://get.adobe.com/flashplayer/download/?installer=FP_16_for_Firefox_-_NPAPI&standalone=1
I have updated to this version of Flash 16.0.0.287 just last night from the adobe download page and the plug in status page still says its vulnerable. So what's going on here?
hello, adobe has released a critical patch to mitigate yet another vulnerability in its flash plugin, which is reportedly already exploited in the wild. https://helpx.adobe.com/security/products/flash-player/apsa15-01.html
please update to Adobe Flash Player version 16.0.0.296, which you can download from http://www.adobe.com/products/flashplayer/distribution3.html (use the windows-exe for plugin-based browsers).
In fact my understanding from
- http://helpx.adobe.com/security/products/flash-player/apsa15-01.html (updated 26th Jan)
Is that the latest version is 16.0.0.296, although that may only be available at the moment as an auto update upgrade from 16.0.0.287UPDATE (January 24): Users who have enabled auto-update for the Flash Player desktop runtime will be receiving version 16.0.0.296 beginning on January 24. This version includes a fix for CVE-2015-0311. Adobe expects to have an update available for manual download during the week of January 26, and we are working with our distribution partners to make the update available in Google Chrome and Internet Explorer 10 and 11. For more information on updating Flash Player please refer to this post.
For up to date info see Adobe's bulletins listed here
It is possible yet further upgrades may be required.