Flash Player 13.0.0.182

In navolging van Microsoft heeft Adobe een maandelijkse patch tuesday (pleister dinsdag) ingesteld voor zijn Flash Player. Op deze dag verschijnen elke maand beveiligingsupdates voor de veelgebruikte Flash-plugin.

Gisteren is Flash 13.0.0.182 uitgebracht. In deze maandelijkse beveiligingsupdate worden vier kritieke lekken verholpen. Een daarvan werd geopenbaard door Vupen op de Pwn2Own hacker-wedstrijd vorige maand. Een ander Pwn2Own-lek lijkt nog niet gerepareerd te zijn in deze uitgave.

Behalve het dichten van lekken brengt Flash 13 ook enkele verbeteringen op het gebied van 3D-weergave en anti-aliasing. Ten slotte worden veel fouten opgelost in met name de Windows 8/8.1 versie van Flash.

Op deze pagina kun je - voor elke browser - controleren welke versie van de plugin je hebt.

Flash Player kun je los downloaden voor Internet Explorer (onder Windows XP, Vista of 7), Safari voor Mac en Firefox en Opera voor Windows, Mac of Linux. Ook kun je updaten via de automatische updater. Flash wordt standaard meegeleverd - en automatisch bijgewerkt - in Google Chrome. Voor Internet Explorer onder Windows 8 en 8.1 wordt Flash geactualiseerd via Windows Update.

Let op! Haal op de website van Flash het vinkje weg bij McAfee Security Scan Plus, Google Chrome of andere optionele software en klik op Nu installeren

Release notes:
These updates resolve a use-after-free vulnerability that could result in arbitrary code execution (CVE-2014-0506).

These updates resolve a buffer overflow vulnerability that could result in arbitrary code execution (CVE-2014-0507).

These updates resolve a security bypass vulnerability that could lead to information disclosure (CVE-2014-0508).

These updates resolve a cross-site-scripting vulnerability (CVE-2014-0509).

New Features for Flash Player 13:

  • Enhanced Supplementary Character Support for TextField
    Characters from the Basic Multilingual Plane (BMP) with Unicode code points between U+10000 and U+10FFFF now work correctly in TextField controls.  This change greatly enlarges the code point range we support, and now includes characters like emoticons and complex CCJK characters.
  • New Stage3D Texture Wrapping Modes
    Developers can currently set the wrapping mode of a texture to either clamp or repeat.  Using the repeat option will repeat the texture on both the U and V axis.  However, in some use cases, you may only want to repeat the texture on either the u or v axis.

    This is now possible with the introduction of two new parameters:  REPEAT_U_CLAMP_V and CLAMP_U_REPEAT_V

  • Stage3D Anti-Aliasing for Texture Rendering
    Anti-Aliasing is a useful for improving perceived image quality.  Hardware based Multisampling Anti-Aliasing (MSAA) is now available on all desktop platforms.  To enable MSAA, set the level from 0 to 4 using the antiAlias property of the Context3D.setRenderToTexture() method.

    0 = 1 subsample, no antialiasing
    1 = 2 subsamples, minimum quality antialiasing
    2 = 4 subsamples, medium quality antialiasing
    3 = 8 subsamples, high quality antialiasing
    4 = 16 subsamples, maximum quality antialiasing

  • Relocated Full Screen Video Warning to Top of Screen
    We've made a small tweak to the "Press Esc to exit full screen mode" warning that is displayed for full screen video.  We've received feedback from developers and users that the dialog obscures content.  We wanted to make a change that both satisfies security concerns and customer viewing enjoyment.  To reduce the impact of the dialog on the on-screen content, we've moved the dialog to the top of the screen.

Notable Fixes and Enhancements:

  • 3620987 : TextBlock.findPreviousAtomBoundary incorrect after TextElement.replaceText when discretionary hyphens are used
  • 3683154 : Cannot get a get swf file to play in Chrome browser
  • 3683745 : API documentation says Event.PASTE says bubbles == false, but it is true in Flash Player
  • 3690516 : TextField scrolls when it shouldn't, because it's including/considering trailing non-zero "leading" value
  • 3693856 : [windows 8.1]PrintJob start() method is still crashed
  • 3702884 : Flash 13 Beta: ActiveX invalidation no longer functions
  • 3703799 : New version 12.0.0.44 doesn't fully install and failure to install blocks all media playing capability
  • 3717098 : Exclude Windows 8.x from CUPT & SCUP catalog for ActiveX installation
  • 3058752 : The 'Press ESC to exit full screen' dialog has been moved to the top of the screen for non stage video
  • 3617020 : Addresses an issue where Flash Player was polling GamePad before the GamePad API was invoked
  • 3683154 : [Chrome] sciencenetlinks.com - Resolves an issue where content would not load completely in rare instances where a PPAPI getDownloadProgress event was not received
  • 3679210 : Resolved an issue where TextBlock.findPreviousAtomBoundary would return an incorrect value if it was called after TextElement.replaceText when discretionary hyphens were used
  • 3679537 : [OS X 10.9] Flash Player's native control panel can now be launched through the right-click context menu as expected. [Requires OS X 10.9.1 (13B40) or higher]
  • 3680211 : Resolves an issue where Flash Player would stop rendering when embedded in a page that also contains WebGL Canvas element and was forced to fall back to software rendering.
  • 3679556 : [Win8.1] starwars.com - Full Screen content now renders in Full-Screen mode
  • 3685541 : [Win8.1] Flash Player now handles IVS characters and surrogate pairs correctly in TextFields.
  • 3697077 : [Win8.1] nba.com - Video controls are now correctly displayed in Full-Screen Mode
  • 3685519 : [Win8.x] Pressing the Menu key on the software keyboard now correctly triggers the right-click context menu when in Modern mode.
  • 3689360 : [Win8.x] Yahoo Messenger - The logo is now displayed correctly, instead of a black rectangle.
  • 3702323 : Resolves a intermittent hang encountered when playing Encrypted HLS content
  • 3652266 : Resolves performance and reliability issues encountered when scrubbing FLV videos produced by Flash Professional
  • 3710237 : [HTTP Live Streaming] - Resolves a slow memory leak.
  • 3699038 : [HTTP Live Streaming] - When switching from an Audio/Video stream to an Audio-Only stream, audio now stays in sync with main content
  • 3697077 : [Win 8.1] - Video controls now display correctly in Full-Screen mode on www.nba.com
  • 3703367 : [Win 8.x] - Resolves an issue where videos in Full-Screen mode were cut off when the zoom setting was greater than 100% on cnn.com
  • 3685522 : [Win 8.x RT] - Corrects graphics rendering corruption in Cityville when placing new buildings
  • 3698459 : [Win 8.x] - Local video playback will now start automatically when PlayTo is disconnected during playback
  • 3698456 : [Win 8.x] - PlayTo will now start in the correct location when switching between the Digital Media Renderer and the local PC
  • 3714236 : Chrome Mac][HTTP Live Streaming] Resolves an issue where enabling the ABR switch caused flickering
  • 3712302 : [Safari 7] ProductManager.isAllowed() now returns the correct value
  • 3711206 : [HTTP Live Streaming] Switching from an Audio-only stream to an Audio/Video stream now works as expected
  • 3696436 : Users can be upgraded to vulnerable beta builds (windows only)
    Installing a release build over a beta build, or vice versa,without first uninstalling Flash Player is now prohibited.  Attempting to install a release build over a beta build (and vice versa) without first uninstalling will result in an error dialog and error 1161 reported in the log file.  Downgrading beta builds is now prohibited without first uninstalling Flash Player, using the latest beta uninstaller.  Attempting to downgrade the beta Flash Player will results in an error dialog and error 1162 reported in the log file.

Reageren

Plain text

  • Toegelaten HTML-tags: <em> <strong> <br> <p>
  • Adressen van webpagina's en e-mailadressen worden automatisch naar links omgezet.
  • Regels en paragrafen worden automatisch gesplitst.
  • <img> elements are lazy-loaded.
Verplichte controlevraag
Om spam tegen te houden
duit_land