February 2017 Adobe Flash Player security updates available

Topic

New Reply

From EP: Hey Woody.  Happy Valentine’s Day. While Microsoft has chosen to delay the release of the February 2017 security updates for .NET, IE, Edge,
[See the full post at: February 2017 Adobe Flash Player security updates available]

1 user thanked author for this post.

Pepsiboy

Reply | Quote

Replies

Y’know, I’d almost forgotten that I had disabled the Flash add-on entirely a while back.

I don’t recall missing any glitz. Seems like I’m able to see whatever content I go looking for.

-Noel

Reply | Quote

@ Noel

Some cptr users like to stream a lot of videos, eg TV shows, movies, live sports, etc. Many video-streaming sites still use Adobe’s Flash Player software. A few old Youtube videos can only play in Flash.
For such cptr users, to reduce security risks, they should make sure that their browser Plugins are set to ‘click-to-play’, n not ‘auto-play’ = no need to disable their Flash Player plugin .

1 user thanked author for this post.

rc primak

Reply | Quote

I am one of those users. Some US broadcast network players have this issue.

-- rc primak

Reply | Quote

Isn’t Adobe Flash dead yet?
Haven’t used it since around 2007, more holes than a teabag!

Windows - commercial by definition and now function...

Reply | Quote

Is Flash Player still on the don’t install list?

Reply | Quote

Actually, it’s probably on the way out. If you can live without it – do so. If you have to have it – the updates are a MUST.

Reply | Quote

I keep a current copy with “never activate” set in Pale Moon. About the only place where I found it necessary to activate is in one site run by the state government. Everywhere else for what I need, there’s a workaround or they’ve enabled HTML5. I think my Flash is getting updated more often than I’m running it.

Reply | Quote

Chrome 57 is moving the “plugin” controls out of user control. Anything not listed as an Extension can’t be changed anymore. There is literally no longer any “chrome://plugins” page. Flash Player and PDF Viewer controls don’t always get obeyed, and just to check the Flash Player version at Adobe’s page, we now have to disable ad blocking extensions. There is a Settings>>Content place where Flash Player and the PDF Viewer can be set to run always, click to play (doesn’t work on many sites) or run never. These settings are not always respected by Chrome at some sites.

Component Updating for Chrome 57 is as it always has been. My Chrome Beta in Windows and Linux have been brought up to date through this page.

The problem might come in if Microsoft has postponed the Flash Player Updates through Microsoft Update. That would unnecessarily place users of Edge or IE 11 under Windows 8.1 and 10 at risk. I’ll check for this possibility when I run my usual mid-month updates check in my PCs. (Right now I’m in Linux and can’t do this.)

-- rc primak

1 user thanked author for this post.

AlanH

Reply | Quote

@ rc primak

Many websites display Flash video ads. To bypass visitors’ ‘click to play’ or ‘never activate’ browser setting for their Flash Player plugin, some of these websites alter the coding of their Flash video ads to make them appear like other news content = the Flash video ads will always ‘auto-play’.

So, the problem of Flash video ads auto-playing even with the browser setting at ‘click to play’ or ‘never activate’ is not with the browsers, but with the websites’ administrators.

Similarly, some websites require Adblockers to be disabled or whitelisted b4 visitors can view their contents.

Reply | Quote

Actually, it turns out that some of the content controls and security settings in Chrome got moved into little icons in the Location Bar. And it wasn’t ad blocking at the Adobe testing page which made the issue. It was scripts, which Chrome is now blocking, and the control for this is a tiny shield icon at the right of the location bar. I’m still sorting through this and other changes in the way Chrome handles Flash content now. This is Chrome 57 where the changes are being introduced. There is not, as has been erroneously reported, any loss of user controls — the controls have simply been massively rearranged and obfuscated.

We should assemble a KB article here at AskWoody for the changes in Chrome 57 in terms of security controls and Flash Player controls.

-- rc primak

1 user thanked author for this post.

Elly

Reply | Quote

@ rcprimak

You are correct. My apologies. Seems HTML5 scripting allows video ads to auto-play which cannot be stopped normally. Pls refer to this link on how to stop this,
http://askbobrankin.com/how_to_stop_annoying_autoplay_videos.html

1 user thanked author for this post.

rc primak

Reply | Quote

Bob Rankin is great for these kinds of insider tips. This article was where I found out about the Chrome Extension and the Firefox setting.

-- rc primak

Reply | Quote

In Chrome 56 point something, I can get to the controls for Flash (and the built-in PDF displayer, and a few other plugin-like pieces parts) via

Settings -> Show advanced settings… -> Privacy -> Content settings…

Apparently this is the new location.

There’s a little bit of explanation at the Chrome Help Forum, and some more detail in a recent Tech Help Knowledgebase article.

2 users thanked author for this post.

Elly, rc primak

Reply | Quote

Correct. But there are also tiny icons in the URL Bar (Location Bar) for some controls on a per-page basis.

-- rc primak

Reply | Quote

PKCano wrote:

Actually, it’s probably on the way out. If you can live without it – do so. If you have to have it – the updates are a MUST.

At This Forum’s suggestion I deleted Flash awhile back. Maybe once or twice something hasn’t worked for lack of it, but nothing really important. Not as crucial an App FOR ME now as one would think. Your mileage may vary.

W10 Pro 22H2 / Hm-Stdnt Ofce '16 C2R / Macrium Pd vX / GP=2 + FtrU=Semi-Annual + Feature Defer = 1 + QU = 0

Reply | Quote

Woody
What should we do run the update and go with the new version or not.
If we shouldn’t use Adobe Flash Player then what should we use instead and will it all be compatible with downloads that we already have?
Thanks

Reply | Quote

I have followed the good advice to remove the Flash plugin from my main browser. I use Firefox as my default browser, with Chrome as a backup/alternate.

As it stands now, my Firefox browser has no media plugins, which should reduce the attack surface from web based attacks.

I use the Firefox plugin “Open In Chrome” which has a one-click toolbar button for easy access to websites that insist on using Flash. I typically set Chrome to “ask” before running plugins, except for sites that I trust.

I think that using a locked down browser as the default minimizes many of the risks of the web.

Windows 10 Pro 22H2

Reply | Quote