cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
Locked
0
Upvote

Flash Player NPAPI security issues

Guest
Jun 05, 2017 Jun 05, 2017

Copy link to clipboard

Copied

Dear all,

Last year all security bulletins on Adobe Flash player security issues contained information on NPAPI, PPAPI and ActiveX for Windows platform. But now in all bulletins only PPAPI (Flash Player for Google Chrome) and ActiveX (Flash Player for IE/Edge) are mentioned as vulnerable. Can you tell whether Flash Player NPAPI is also vulnerable to issues mentioned, for example, here (Adobe Security Bulletin) and to other CVEs created this year?

Views

1.9K

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
replies 3 Replies 3
latest latest Jump to latest reply
_maria_ Adobe Employee
Adobe Employee ,
Jun 05, 2017 Jun 05, 2017

Copy link to clipboard

Copied

Hi,

I'm not sure why the change was made, however, while NPAPI is not specifically called out, it is implied since the NPAPI plugins is supported on Windows, Mac, and Linux.  The following table is excerpted from Adobe Security Bulletin​ and I've added the 4th column to describe each entry:

ProductAffected VersionsPlatform
Adobe Flash Player Desktop Runtime25.0.0.148 and earlierWindows, and LinuxThis is referring to the ActiveX Control, NPAPI, and PPAPI plugins for Windows and Linux.  Normally, Macintosh would be listed here as well.  It's separate this time due to the previous versions not being the same.
Adobe Flash Player Desktop Runtime25.0.0.163 and earlierMacintosh This is referring to the NPAPI and PPAPI plugins for Macintosh.
Adobe Flash Player for Google Chrome25.0.0.148 and earlierWindows, Macintosh, Linux and Chrome OSThis is referring to the PPAPI plugin Google embeds in Chrome
Adobe Flash Player for Microsoft Edge and Internet Explorer 1125.0.0.148 and earlierWindows 10 and 8.1This is referring to the ActiveX Control Microsoft embeds in Internet Explorer and Edge.

Hope this helps clarify the information.

--

Maria

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Guest
Jun 05, 2017 Jun 05, 2017

Copy link to clipboard

Copied

In Response To _maria_

Did I understand it right that NPAPI versions are vulnerable as well as PPAPI ones if I download Flah Player as a standalone app at Adobe Flash Player Install for all versions ?

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
_maria_ Adobe Employee
Adobe Employee ,
Jun 05, 2017 Jun 05, 2017

Copy link to clipboard

Copied

LATEST
In Response To Deleted User

The Security Bulletin applies to all Flash Player types (ActiveX Control, NPAPI, PPAPI), so yes, NPAPI, as well as PPAPI are vulnerable and Adobe recommends updating to the latest version for all Flash Player types.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Copyright © 2024 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices