Uitgavegeschiedenis Flash Player

Release notes:
These updates improve memory address randomization of the Flash heap for the Window 7 64-bit platform (CVE-2015-3097).
These updates resolve heap buffer overflow vulnerabilities that could lead to code execution (CVE-2015-3135, CVE-2015-4432, CVE-2015-5118).
These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2015-3117, CVE-2015-3123, CVE-2015-3130, CVE-2015-3133, CVE-2015-3134, CVE-2015-4431).
These updates resolve null pointer dereference issues (CVE-2015-3126, CVE-2015-4429).
These updates resolve a security bypass vulnerability that could lead to information disclosure (CVE-2015-3114).
These updates resolve type confusion vulnerabilities that could lead to code execution (CVE-2015-3119, CVE-2015-3120, CVE-2015-3121, CVE-2015-3122, CVE-2015-4433).
These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2015-3118, CVE-2015-3124, CVE-2015-5117, CVE-2015-3127, CVE-2015-3128, CVE-2015-3129, CVE-2015-3131, CVE-2015-3132, CVE-2015-3136, CVE-2015-3137, CVE-2015-4428, CVE-2015-4430, CVE-2015-5119).
These updates resolve vulnerabilities that could be exploited to bypass the same-origin-policy and lead to information disclosure (CVE-2014-0578, CVE-2015-3115, CVE-2015-3116, CVE-2015-3125, CVE-2015-5116).

Release notes:

New Features for Flash Player 18:

• Improved Flash Player Install Process

We have had consistent feedback from our customers that they prefer not to shut down their browsers to simply install Flash Player. This feature removes this requirement whenever possible. With Flash Player 18, in the vast majority of cases, the installer will no longer display a dialog to shut down the currently running browsers or applications that are using Flash Player!

Once the installation is completed, you will be notified that the browser may need to be restarted to use the newly installed version. This requirement depends on your browser’s ability to see the new version.  Either way, Flash will continue to work and you can easily force the new version to appear by simply restarting your browser when it’s convenient for you.

• Audio APIs added to Flash Player NPAPI

We have added the ability for NPAPI-compatible browsers and applications to query the player and detect if audio is currently being played and if it can be muted. This new feature will allow applications to alert the user if audio is being played and give them the ability to mute, even if the Flash content does not.

This new API is not applicable to ActionScript developers and is only available to browser and application developers that host the Flash plugin.

• Stage3D - Standard Extended Profile for Desktop

In version 17, Standard Extended Profile was introduced on iOS and Android devices that support GL ES3. In version 18, Standard ExtendedProfile support is added for Flash Player and AIR Desktop. It is represented by a new constant ‘STANDARD_EXTENDED’ in the Context3DProfile class. This constant can be used in the requestContext3D and requestContext3DMatchingProfiles methods of Stage3D. The standardExtended profile can only be accessed if the SWF version is 28 or newer.

• Browser Zoom Factor for PPAPI Plugin and non-Win 8x ActiveX

We've introduced a feature that proposes scaling of Flash content in the web browser in response to web page zoom factor change. This feature was already present for Internet Explorer on Window 8.x.  In Flash Player 18, it now supports PPAPI (Opera and Chrome) and Internet Explorer on Windows 7 and below.

Fixed Issues

• Offline FLV are running too fast Fast forward mode (3982986)
• Unable to view animated shader effect (3990831)
• Camera output shows black screen in Safari (3980552)
• Right-clicking on JWPlayer causes Firefox to hang on Windows 8 (3835579)
• Inaccurate drawing in IE on Windows 8 (3846567)
• PPAPI Plugin doesn't work on WinXP (3966268)
• Full Screen mode Flash freezes for a few seconds in Safari browser(3916445)
• Starling cannot upload texture from BitmapData in Firefox on Mac (3951802)
• ColorTransform applied to textfield using device font is ignored in Chrome (3959696)
• Zombie Tycoon game show blacked out screen (3924242)Few calendar control present on usflashmap.com stop working (3990982)
• Error #1014  Class flash.display3D.texture::VideoTexture is not found when running on flash player. (3955926)
• StageVideo fails to load error on Mac Firefox on certain configuration (3992751)
• Scrolling on high density displays fails in that child elements do not scroll at the same rate as a parent container. (3746968)
• Multiple security and functional fixes

These updates resolve a vulnerability (CVE-2015-3096) that could be exploited to bypass the fix for CVE-2014-5333. 

These updates improve memory address randomization of the Flash heap for the Window 7 64-bit platform (CVE-2015-3097). 

These updates resolve vulnerabilities that could be exploited to bypass the same-origin-policy and lead to information disclosure (CVE-2015-3098, CVE-2015-3099, CVE-2015-3102).  

These updates resolve a stack overflow vulnerability that could lead to code execution (CVE-2015-3100).

These updates resolve a permission issue in the Flash broker for Internet Explorer that could be exploited to perform privilege escalation from low to medium integrity level (CVE-2015-3101).    

These updates resolve an integer overflow vulnerability that could lead to code execution (CVE-2015-3104).

These updates resolve a memory corruption vulnerability that could lead to code execution (CVE-2015-3105).

These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2015-3103, CVE-2015-3106, CVE-2015-3107).

These updates resolve a memory leak vulnerability that could be used to bypass ASLR (CVE-2015-3108). 

Release notes:

New Features for Flash Player 17:

• Control Panel Improvements

The system control panel will now display the currently installed version of the ActiveX, NPAPI, and PPAPI plugins.  We've also clarified how Chrome and Chromium (PPAPI) users can edit their Flash Player settings.

• Installer Improvements - Mac

The Mac installer will no longer request users close the Chrome browser during installation.  In future versions we'll work to further improve the user experience of our installers.

Fixed Issues

• [Mac][PPAPI] The update dialog's download button should work for all languages (3951736)
• Multiple security and functional fixes

Security updates
These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, 
CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, CVE-2015-3042, CVE-2015-3043). 

These updates resolve a type confusion vulnerability that could lead to code execution (CVE-2015-0356). 

These updates resolve a buffer overflow vulnerability that could lead to code execution (CVE-2015-0348). 

These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2015-0349, CVE-2015-0351, CVE-2015-0358, CVE-2015-3039). 

These updates resolve double-free vulnerabilities that could lead to code execution (CVE-2015-0346, CVE-2015-0359). 

These updates resolve memory leak vulnerabilities that could be used to bypass ASLR (CVE-2015-0357, CVE-2015-3040).  

These updates resolve a security bypass vulnerability that could lead to information disclosure (CVE-2015-3044).

Release notes: