Network News

X My Profile
View More Activity

Time to Patch Your Flash

Adobe has issued an update to patch several security holes in its Flash player. Most people will have some version of Flash installed on their computers, so it's a good idea to take a moment and make sure your system receives this update. Updates are available for Flash on Windows, Mac OS X, Linux and Solaris systems.

The new version is The Flash installer should remove any older versions on your system before installing the newest one, so there's no need to manually uninstall your existing Flash installation before updating. The installer should also update the Flash plug-in for multiple browsers, including Internet Explorer, Firefox and Opera, all in one go. But it's still a good idea after updating to visit this link to Adobe's About Flash page -- with each of the browsers you use -- to make sure its Flash install has been updated.

If for some reason you encounter problems while trying to install the update, check out Adobe's Flash support page, which includes some FAQs on common issues as well as a help center search box for more complicated questions.

Anyone interested in the seven vulnerabilities fixed by this update can read more here.

Update, 4:36 p.m. After a reader comment and question, I went back and looked at what changed on my system and found that the updater had indeed installed the new Flash version for both Firefox (my default browser), and Opera, but not for IE7. To get the update for IE, I had to visit the install page with IE, click "Agree and Install Now," then approve the installation of an ActiveX control, and then hit "Run" at the next prompt before the installation completed.

By Brian Krebs  |  April 11, 2008; 3:31 PM ET
Categories:  Latest Warnings , New Patches , Safety Tips  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   StumbleUpon   Technorati   Google Buzz   Previous: Spammers Using Google, Outlook Calendars to Get Your Attention
Next: Security Fix Pop Quiz, Spring 2008 Edition


BK, first love the blog. Second, the Flash update--I believe--must be performed for *each* browser separately. So if you have Firefox and IE, you need to navigate to the update site using each of the browsers. The Firefox update is a downloadable executable, while the IE update uses an Active X control to install.

Posted by: Anonymous | April 11, 2008 4:29 PM | Report abuse

After using IE to get the latest Flash version, a Secunia scan found that the old version had not been removed. Delete this file - C:\WINDOWS\SYSTEM32\Macromed\Flash\Flash9e.ocx

Posted by: Anonymous | April 11, 2008 5:01 PM | Report abuse

For more on this same subject see
Time to update the Flash player. Here's how

Posted by: Michael Horowitz | April 11, 2008 5:38 PM | Report abuse

I've always found it works best to use the uninstaller to remove any/all previous versions of Flash, then install the new version as needed.

The uninstaller can be found here:

Note: for Windows, the uninstaller is usually updated with each new Flash version, so you have to be sure to delete the old one and download the latest uninstaller version.

Posted by: TJ | April 11, 2008 5:53 PM | Report abuse

Hey Brian:
Thanx for the column, it really helps!
I was able to update Active X on IE,
but can't get Adobe update to work with
Firefox ( my main browser ). No help from
Adobe, any suggestions on how to update
Flash with Firefox would be appreciated.
I am running Windows XP SP2+ .

Posted by: RP | April 11, 2008 7:42 PM | Report abuse

What is Windows XP SP2+? Do you mean SP3?

Posted by: Ralph M. Brouchoud | April 11, 2008 9:51 PM | Report abuse

RP: Try running the Flash Player uninstaller and starting fresh. After uninstalling, run a thorough Secunia scan and manually remove anything it finds as this may be getting in the way. Also, if you are using a portable version of Firefox, you're on your own as Adobe doesn't support it. For more, see my CNET blog posting (link is above).

Posted by: Michael Horowitz | April 11, 2008 10:30 PM | Report abuse

To: Ralph M. Brouchoud
Technoid friend refers to window SP2+ as
windows SP2 plus ALL the "latest patches"
from Microsoft - sorry.
To:Michael Horowitz
Many Thanx - followed steps you described:
(1) Adobe Flash uninstall
(2) Secunia scan
(3) Manual uninstall of Opera & Firefox
(4) Adobe update
Now running on all browsers!
Again - thanxs for the help.

Posted by: RP | April 12, 2008 7:57 AM | Report abuse

I've updated the Flash Player on several XP/SP2+ machines (thanks to RP for suggesting that notation!), and have encountered an odd glitch on a couple of them when installing the plugin for Firefox.

I start the installer, and then get an error dialog box that says:

"Error opening file for writing:

However, if I then click the "RETRY" button, the installation does complete (as shown by Firefox's "about:plugins" page, and the Adobe test page BK mentions).

So far, I have no particular clue about why this happens. ;-)

Posted by: Rich Gibbs | April 12, 2008 11:45 AM | Report abuse

I cannot seem to get flash to install on IE 7 on some of my computers (all Win XP Pro SP2). It worked on my laptop, but on my 2 PCs I get to the "install activex control" button, click install, and then it just sits there, with the install bar going across and nothing happening. I have no add-ons installed in IE 7 that could be blocking it as far as I know.

Posted by: Stern | April 12, 2008 2:47 PM | Report abuse

I tried to update 2 other PC's with same
problem, did the same steps as before...
both wouldn't update. Beautiful weekend,
I'll work on it Monday & let you know if
I figure it out.
TO: Rich Gibbs
Strange error - I never saw that one, I
wonder if someone at Adobe is playing with
update files?*(&^&^^.

Posted by: RP | April 12, 2008 5:06 PM | Report abuse

Brian: What would I do without you? Thanks yet again.

But, why do these companies make it so complicated to update their products? I'm semi-computer-literate and it takes me a long time to figure out how to install updates. (I just spent 30 minutes updating Flash and Quicktime, and checking with Secunia to make sure it was done correctly.)

Many of my friends, who use computers without any understanding of such things, never update anything. Maybe you could comment on this in a future column?

Posted by: JBV | April 12, 2008 5:10 PM | Report abuse

If you use filehippo to update your files it does it flawlessly for both IE and Firefox.

Posted by: neb5 | April 12, 2008 7:39 PM | Report abuse

Speaking of FileHippo, I can't get that one to work! Each time I try to run it, I get an error message.

I have uninstalled FileHippo, and re-installed. Same error.

It's a neat, little application, but I just can't get it to work. .Net is up to date.

Posted by: Jim | April 13, 2008 4:02 AM | Report abuse

I'm using IE7 and my PC updated the flash player to 9. I'm able to view some video content on select sites. Other sites i get an error stating my plug ins needs to be updated. I've followed all the FAQ's on adobe site, no change. Any suggestions?

Posted by: sasha | April 13, 2008 2:06 PM | Report abuse

The patch for firefox worked fine. But my IE7 keeps showing that I'm using flash 7,0,68,0. I've ok'd the activex controls and lowered the security settings. Installation seems to run fine, I see the little animation saying it's done. But when I go back to the link to the about page, it says I'm still using the old version.

Posted by: ugh | April 14, 2008 12:12 AM | Report abuse

To the person that found that the old version FLASH9e.ocx was still on their system that means that the ActiveX control was in use when you tried to update it.

If you are using the Secunia "Personal Software Inspector" PSI then IT uses the Flash9e.ocx and the only way to delete it is to have all instances of IE closed (check task manager) and ensure that the PSI.EXE is not running.

It is a quirk that the PSI gives you the path to download the FLASH ActiveX control but does not tell you to close it first.

Posted by: Fred Dunn | April 14, 2008 3:27 PM | Report abuse

I wasted half an hour trying to remove the IE version with the uninstaller (with Secunia running). Turns out you need to reboot the machine (after running the uninstaller, check out the details button, it tells you the ocx file will be deleted on boot)

Posted by: patrick t | April 14, 2008 8:33 PM | Report abuse

Thanks for spreading the word, Brian!

For some of the comments, Internet Explorer uses ActiveX Controls, and if these have been used during a session, then it will indeed sometimes require a restart before the old Control can be unregistered. More info here:

(Other browsers use Netscape Plugins, which is why there are different installations for IE and other Windows browsers.)


Posted by: John Dowdell | April 20, 2008 3:18 PM | Report abuse

Thank you for this post. I'll try this soon.


Wow, check out this site called</a
. Free SMS and free mobile ads!! Its fantastic

Posted by: Kamal | May 4, 2008 5:23 AM | Report abuse

The comments to this entry are closed.

RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company