Highlighted

apsb16-15 doesn't address Flash Player 21.0.0.241

New Here ,
May 12, 2016

Copy link to clipboard

Copied

https://helpx.adobe.com/security/products/flash-player/apsb16-15.html is ambiguous as to whether Flash Player 21.0.0.241 (the version released on 5/10/16 via Microsoft Security Bulletin MS16-064 for Internet Explorer 11 on Windows 8.1, & Internet Explorer 11 and Microsoft Edge on Windows 10) is vulnerable to CVE-2016-4117.  In the bulletin, the Affected Versions table lists "21.0.0.213 and earlier" for Windows 8.1 and Windows 10; the Solution table lists the Updated Version as "21.0.0.242" for Windows 10 and 8.1.

What is the status of 21.0.0.241?

Also, it would help if the Affected Versions and Solution tables listed the products in the same manner - as of now they do not, and that makes it even more difficult to see what is really going on.

Garrett

Views

545

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more

apsb16-15 doesn't address Flash Player 21.0.0.241

New Here ,
May 12, 2016

Copy link to clipboard

Copied

https://helpx.adobe.com/security/products/flash-player/apsb16-15.html is ambiguous as to whether Flash Player 21.0.0.241 (the version released on 5/10/16 via Microsoft Security Bulletin MS16-064 for Internet Explorer 11 on Windows 8.1, & Internet Explorer 11 and Microsoft Edge on Windows 10) is vulnerable to CVE-2016-4117.  In the bulletin, the Affected Versions table lists "21.0.0.213 and earlier" for Windows 8.1 and Windows 10; the Solution table lists the Updated Version as "21.0.0.242" for Windows 10 and 8.1.

What is the status of 21.0.0.241?

Also, it would help if the Affected Versions and Solution tables listed the products in the same manner - as of now they do not, and that makes it even more difficult to see what is really going on.

Garrett

Views

546

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
May 12, 2016 0
New Here ,
May 12, 2016

Copy link to clipboard

Copied

Related:  http://www.adobe.com/software/flash/about/ shows 21.0.0.241 as the current Flash Player version for Internet Explorer (embedded - Windows 8.1) - ActiveX and Edge (embedded - Windows 10) - ActiveX. 

(And that's yet another way of listing the products, which is likely to lead to further confusion.  Even though that's not my primary gripe here - consistency, please....)

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
May 12, 2016 0
Adobe Employee ,
May 12, 2016

Copy link to clipboard

Copied

Hi,


Sorry for the confusion between the two pages.  They are both correct.  The current ActiveX version for Windows 8.1/10 is 21.0.0.241, however, it doesn't contain the security fix. We expected Microsoft to release version 21.0.0.242 for Windows 8.1/10, however, don't have a firm date when they'll release it.

--

Maria

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
May 12, 2016 0
New Here ,
May 12, 2016

Copy link to clipboard

Copied

Thanks Maria.  In that case, the Affected Versions table in apsb16-15 should be changed such that the Affected Versions for Windows 10 and Windows 8.1 is "21.0.0.241 and earlier" (instead of the current "21.0.0.213 and earlier", which is confusing and misleading).

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
May 12, 2016 0
_maria_ LATEST
Adobe Employee ,
May 16, 2016

Copy link to clipboard

Copied

correction/update to my previous post (quoted below):

The bulletin was indeed updated to include '21.0.0.241 and earlier' for Windows 8.1 and 10.

--

Maria

Hi,

I don't recall off-hand the versions listed on the table when the bulletin was first posted, but as of right now, it has version 21.0.0.241 and earlier.  It's possible the table was updated at some point.  A different team manages the posting of the bulletins, and I don't have insight into that process.

Affected Version

ProductAffected VersionsPlatform
Adobe Flash Player Desktop Runtime21.0.0.226 and earlierWindows and Macintosh
Adobe Flash Player Extended Support Release18.0.0.343 and earlierWindows and Macintosh
Adobe Flash Player for Google Chrome21.0.0.216 and earlierWindows, Macintosh, Linux and ChromeOS
Adobe Flash Player for Microsoft Edge and Internet Explorer 1121.0.0.241 and earlierWindows 10
Adobe Flash Player for Internet Explorer 1121.0.0.241 and earlierWindows 8.1
Adobe Flash Player for Linux11.2.202.616 and earlierLinux
AIR Desktop Runtime21.0.0.198 and earlierWindows and Macintosh
AIR SDK21.0.0.198 and earlierWindows, Macintosh, Android and iOS
AIR SDK & Compiler21.0.0.198 and earlierWindows, Macintosh, Android and iOS

--

Maria

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
May 16, 2016 0