Windows Now Running Two Versions Of Flash

Installer bug means many Windows systems must now keep two distinct versions of Flash Player up to date

Adobe has confirmed that many PCs are now required to run two separate versions of its Flash Player due to a software installer problem.

The development is likely to further increase tensions with users and IT administrators over the use of Flash, which has become a common target for attackers due to its broad use and the presence of many systems running unpatched versions.

hacker stealing password

Increased burden

The fact of two distinct builds of Flash Player on a system is an additional burden for those managing the system, since both versions must be kept up-to-date with security patches.

Flash has long been included by default with many web browsers.

Adobe confirmed that it has released a Flash Player build, version 22.0.0.210, for Windows operating systems later than Windows 8.1 running the Internet Explorer browser, in order to fix an installer bug that only affected those systems.

The bug displayed an error message telling users that they required administrator access in order to install the software, while silently installing it in the background.

“This version fixed an installer bug that caused a false error dialog to appear on systems that had Internet Explorer running during certain updates,” Adobe said in a statement.

Security concern

For other systems, including Windows 8.1 systems running Internet Explorer and any Windows system running browsers such as Firefox, Chrome or Opera, the most up-to-date version of Flash Player is 22.0.0.209, Adobe said.

Computers requiring both builds, such as a Windows 10 system running both Internet Explorer and Firefox, would now need to run the two versions of Flash Player, Adobe said.

The two builds were released as part of Microsoft’s monthly Windows software update, and both included fixes for 52 security bugs, many of which could be remotely exploited to take over a system, Adobe said.

Media outlets reported that some IT administrators had been forced to apply a second round of security patches for systems needing both versions of Flash Player.

Ongoing security issues with Flash have led Google to plan to disable it by default in its Chrome browser starting this autumn, but a security firm recently warned that the use of HTML5, the technology seen as Flash’s successor, was unlikely to make systems more secure.

Are you a security pro? Try our quiz!