Advice on updating the Adobe Flash Player

If you haven't updated the Adobe Flash Player plugin in the last couple days, you shouldn't be viewing this web page.

Adobe just released an update to both versions 9 and 10 of their Flash player. The update fixes a number of problems and is available for Windows, OS X, Linux and Solaris.

The Flash player bugs are important enough that everyone should update the software. And I do mean everyone, the Flash player is very likely the most widely used software in the world. Adobe claims that the "Flash Player is installed on 98% percent of the world's desktop computers."  

Millions of web pages, including those at Computerworld.com, contain Flash content. Typically, Flash is used for ads, but websites may also use it for their navigation menus among other things.

Without the latest bug fix, a computer can get infected simply by viewing a web page.

For Windows users, upgrading the Flash player is particularly annoying as it may have to be done twice. The Flash player is packaged one way for Internet Explorer and another way for Firefox, Opera and Chrome. If, for example, you upgrade the IE version of Flash, then Firefox, Opera and Chrome won't pick up the update. Likewise, updating the Firefox version of the Flash player has no impact on Internet Explorer.

To see which version your web browsers are running, check each one at the Adobe Flash tester page (my term) www.adobe.com/products/flash/about/.

If you are running version 9, then versions 9.0.151.0 (9.0.152.0 for Linux) ) and earlier are buggy. Version 9.0.159.0  is safe. If you are running version 10, then versions 10.0.12.36 (10.0.15.3 for Linux) and earlier are buggy. Version 10.0.22.87 is safe.

Adobe always leads you to the latest and greatest, version 10.0.22.87. I mention this both because there is a safe edition of version 9, and because version 10 is relatively new. As far as I know, this is the first update to version 10. Being focused on Defensive Computing, I'm always hesitant to install the latest software. Instead, I like to hold back a while to let the inevitable bugs and incompatibilities get worked out. I haven't yet encountered a web page that required the use of Flash version 10.

You can get the latest edition of version 9 from Adobe at their page Flash Player 9 for Unsupported Operating Systems. For Windows users, the "Netscape" link works with Firefox, Opera and Chrome.

If you are new to this, Adobe provides Flash Player installation instructions.

They also offer an un-installer for the Flash Player. While not required, I suggest that Windows users first run the un-installer to remove both the IE and Firefox versions of the Flash player (see below).

flash_player_uninstall.png

There are different un-installers for Windows, OS X 10.3 and above, OS X 10.2 and below, and Mac OS 8 and 9. The Windows un-installer was last updated February 24, 2009.

SELF UPDATING

On Windows, the Flash player also has a self-updating system that may pop up the window shown below notifying you that a newer version is available (the screen shot below has been cropped a bit).

FlashPlayer_UpdateNoticeCropped.png

I wouldn't trust it.

For one thing, it doesn't say what version is currently installed and what the latest version is. It also doesn't address the multiple browser issue that Windows users face.

Another issue is not Adobe's fault at all. With all the false warnings about virus infections, we just can't trust messages like this. Bad guys writing malware could easily copy the look and feel of this message and lead someone to install their malicious software.

With a little snooping though, I found the source of this message - it's program NPSWF32_FlashUtil.exe in the

C:\WINDOWS\system32\Macromed\Flash folder.If you run this program on a system with a buggy version of the Flash Player it displays the warning that an update is available. When run on a system with a safe version of the Flash player, it does nothing. As of today (Feb. 28, 2009), it considers the latest edition of version 9 (9.0.159.0) safe.

You can change how often Adobe checks for updates using the Adobe Flash Player Settings Manager (shown below).

FlashPlayer_SelfUpdateSettings.png

The most frequent option is every 7 days. For more from Adobe, see  About updating Adobe Flash Player.

BLOCKING FLASH

Judging by the Flashblock extension to Firefox, there is a backlash against Flash. As of today, it has been downloaded 5,923,325 times. According to the website description Flashblock "... blocks ALL Flash content from loading. It then leaves placeholders on the webpage that allow you to click to download and then view the Flash content." The latest version of Flashblock was released February 6, 2009.

To express your thoughts on Computerworld content, visit Computerworld's Facebook page, LinkedIn page and Twitter stream.
4 high-growth tech fields with top pay
Shop Tech Products at Amazon