Menu Close

Adobe Flash Player Version 22.0.0.192 Released

Adobe Flash Player ​version 22.0.0.192 has been released by Adobe Systems.  Adobe Flash Player is a cross-platform browser-based application runtime that is required for viewing of certain applications, content, and videos.

 

Fixed Issues

  • ​SecurityError.prototype in Dictionary throws an exception [4100136]
  • Printing via FlexPrintJob, border of the “Print” button is missing [4136816]
  • Player crashes if “totalFrames” property of a loaded volatile MovieClip is accessed [4127339]
  • XML attributes randomly receiving null characters [4100928]
  • PPAPI Printed rectangle gets shifted in position [4119300]
  • [Chrome Only] Portrait mode prints objects smaller as compared to landscape mode [4122310]
  • DisplayObject.setScrollRect is throwing error 1508 [4150980]
  • Space metacharacter [s] doesn’t include non-breaking spaces [xA0] [4138365]
  • Error#1508 thrown on some sites with a blank screen appearing afterwards [4136470]

 

 

 

 


New Features


EnableLocalAppData

Flash applications use Appdata/Roaming directory (C:UsersusernameAppDataRoamingMacromediaFlash Player) to store information like LSOs (Local Shared Objects) or logs etc. If this folder has been redirected to a network drive, which can occur at times in enterprise environments, performance and security issues may arise. With this feature, we are providing a new property for the mms.cfg, “EnableLocalAppData” which if set, will place the Macromedia Folder (where flash app data is stored) in AppData/Local directory (C:UsersusernameAppDataLocalMacromediaFlash Player). With EnableLocalAppData, the user will be able to place their system’s AppData folder on a network location without worrying about impacting flash applications’ data or log performance. Users can set EnableLocalAppData by adding EnableLocalAppData=1, EnableLocalAppData=yes, or EnableLocalAppData=true value in mms.cfg. 


​Override Flash Player’s default language via mms.cfg

This feature allows users to change flash player’s default language by setting a property, named DefaultLanguage in mms.cfg.  Flash player’s default language will be set to the language given in DefaultLanguage key in the mms.cfg regardless of the system’s language.

Note: “Y” indicates flash player’s language will be overridden with language given in DefaultLanguage property while for “N”, “en” will be assigned for the configured language.

This feature is applicable to both Flash Player (all plugin-types) and AIR.

DefaultLanguage can have any value from table below:

Language Value Support
Win Mac PPAPI
    FP AIR FP AIR FP
Arabic ar Y Y Y N N
Bulgarian bg Y Y Y N N
Czech cs Y Y Y Y Y
Danish da Y Y Y N N
German de Y Y Y Y Y
Greek el Y Y Y N N
English en Y Y Y Y Y
English – United Kingdom en_gb Y Y Y Y N
Spanish es Y Y Y Y Y
Estonian et Y Y Y N N
Finnish fi Y Y Y N N
French fr Y Y Y Y Y
Hebrew he Y Y Y N N
Croatian hr Y Y Y N N
Hungarian hu Y Y Y N N
Italian it Y Y Y Y Y
Japanese ja Y Y Y Y Y
Korean ko Y Y Y Y Y
Azeri lt Y Y Y N N
Latvian lv Y Y Y N N
Norwegian nb Y Y Y N N
Dutch nl Y Y Y Y Y
Polish pl Y Y Y Y Y
Portuguese pt Y Y Y Y Y
Portuguese – Portugal pt_pt Y Y Y Y N
Romanian ro Y Y Y N N
Russian ru Y Y Y Y Y
Slovak sk Y Y Y N N
Slovenian sl Y Y Y N N
Serbian sr Y Y Y N N
Swedish sv Y Y Y Y Y
Thai th Y Y Y N N
Turkish tr Y Y Y Y Y
Ukrainian uk Y Y Y N N
Chinese – China  zh-CN Y Y Y Y Y
Chinese – Taiwan zh-TW Y Y Y Y Y

 


 

Known Issues

  • [Win] PPAPI multiple entries are getting created in Add Remove Programs during 
    msi upgrade [4159503]
  • Button states are handled inconsistently across Flash Player and SAP [4110334]



Security Updates

Adobe has released security updates for Adobe Flash Player for Windows.  These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.  

Adobe is aware of a report that an exploit for CVE-2016-4171 exists in the wild, and is being used in limited, targeted attacks. Please refer to APSA16-03 for additional details.

  • Adobe recommends users of the  Adobe Flash Player Desktop Runtime for Windows  update to 22.0.0.192
  • Adobe Flash Player installed with Google Chrome will be automatically updated to the latest Google Chrome version, which will include Adobe Flash Player 22.0.0.192 for Windows.
  • Adobe Flash Player installed with Microsoft Edge and Internet Explorer for Windows 10 and 8.1 will be automatically updated to the latest version, which will include Adobe Flash Player 22.0.0.192. 

 

 

Vulnerability Details

  • These updates resolve type confusion vulnerabilities that could lead to code execution (CVE-2016-4144, CVE-2016-4149).
  • These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-4142, CVE-2016-4143, CVE-2016-4145, CVE-2016-4146, CVE-2016-4147, CVE-2016-4148).
  • These updates resolve heap buffer overflow vulnerabilities that could lead to code execution (CVE-2016-4135, CVE-2016-4136, CVE-2016-4138).
  • These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-4122, CVE-2016-4123, CVE-2016-4124, CVE-2016-4125, CVE-2016-4127, CVE-2016-4128, CVE-2016-4129, CVE-2016-4130, CVE-2016-4131, CVE-2016-4132, CVE-2016-4133, CVE-2016-4134, CVE-2016-4137, CVE-2016-4141, CVE-2016-4150, CVE-2016-4151, CVE-2016-4152, CVE-2016-4153, CVE-2016-4154, CVE-2016-4155, CVE-2016-4156, CVE-2016-4166, CVE-2016-4171).
  • These updates resolve a vulnerability in the directory search path used to find resources that could lead to code execution (CVE-2016-4140).
  • These updates resolve a vulnerability that could be exploited to bypass the same-origin-policy and lead to information disclosure (CVE-2016-4139). ​


Adobe Flash Player is one of the applications that is managed and updated by ODS.  If you are a current customer, ODS will automatically update your version of Adobe Flash Player over the next few days.  ODS will deploy both the ActiveX version and the Plugin version.  This ensures that Adobe Flash Player will function with web browsers including Internet Explorer, Firefox, and Chrome.  The update will install silently.  No user interaction is required.  There are no additional fees or charges for ODS to update your version of Adobe Flash Player. 


​​

Creative Commons License
H Tech Solutions Blog by Harris Schneiderman is licensed under a Creative Commons Attribution 4.0 International License.
Permissions beyond the scope of this license may be available at https://htechsolutions.biz/contact-us