Firefox 34.05 incorrectly identifies plugins as out-of-date
As of midnight 12/12/14, Firefox started blocking plugins (in this case, Adobe Flash and Java Deployment Toolkit, possibly others as I've just been to websites that use those), saying that they're out of date. When I click on "Update Now," the Plugin Status page tells me that all my plugins are up to date. (I'm currently running Flash 15.0.0.239 and Java Deployment Toolkit 10.71.2.14, for the record.)
I get the point of this feature, and I really don't want to permanently turn on "always allow," but having to click two "allow" prompts every time I load a website that features Flash is quickly making web browsing intolerable. I'm on the verge of switching to Google Chrome over this.
Valgt løsning
The 15.0.0.239 was not the last Flash 15 version as15.0.0.242 and older is blocked and vulnerable. The 15.0.0.246 is not affected though according to Adobe.
The plugin check page needs to be manually updated so the version it says is current may not be say for Flash. Check Flash version at http://www.adobe.com/software/flash/about/
For Firefox on Windows the current Flash player versions are 16.0.0.235 and the extended support version 13.0.0.259 at https://www.adobe.com/products/flashplayer/distribution3.html
Chrome (pepper flash) and IE (activex) has flash player versions that are affected also as per https://helpx.adobe.com/security/products/flash-player/apsb14-27.html
Flash Player Plugin 14.0 to 15.0.0.242 (click-to-play) has been blocked for your protection. https://addons.mozilla.org/firefox/blocked/p798
Flash Player Plugin 10.3.183.66 to 13.0.0.258 (click-to-play) has been blocked for your protection. https://addons.mozilla.org/firefox/blocked/p794
Flash Player Plugin on Linux 11.2.202.424 and lower (click-to-play) has been blocked for your protection. https://addons.mozilla.org/firefox/blocked/p796
fixed the blocklist links as Mozilla made a two part list for Win/Mac versions on December 12 so as to not block the 13.0.0.259 ESR version that it blocked in single list on December 11.
Læs dette svar i sammenhæng 👍 16Alle svar (20)
Valgt løsning
The 15.0.0.239 was not the last Flash 15 version as15.0.0.242 and older is blocked and vulnerable. The 15.0.0.246 is not affected though according to Adobe.
The plugin check page needs to be manually updated so the version it says is current may not be say for Flash. Check Flash version at http://www.adobe.com/software/flash/about/
For Firefox on Windows the current Flash player versions are 16.0.0.235 and the extended support version 13.0.0.259 at https://www.adobe.com/products/flashplayer/distribution3.html
Chrome (pepper flash) and IE (activex) has flash player versions that are affected also as per https://helpx.adobe.com/security/products/flash-player/apsb14-27.html
Flash Player Plugin 14.0 to 15.0.0.242 (click-to-play) has been blocked for your protection. https://addons.mozilla.org/firefox/blocked/p798
Flash Player Plugin 10.3.183.66 to 13.0.0.258 (click-to-play) has been blocked for your protection. https://addons.mozilla.org/firefox/blocked/p794
Flash Player Plugin on Linux 11.2.202.424 and lower (click-to-play) has been blocked for your protection. https://addons.mozilla.org/firefox/blocked/p796
fixed the blocklist links as Mozilla made a two part list for Win/Mac versions on December 12 so as to not block the 13.0.0.259 ESR version that it blocked in single list on December 11.
Ændret af James den
Ok, I'm seeing Flash as being "known to be vulnerable and should be updated" on about:addons, but the check at https://www.mozilla.org/en-US/plugincheck/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_campaign=plugincheck-update says it's up-to-date. The latter is the page you get taken to when you click "update now" when Firefox blocks an out-of-date plugin.
Again the Plugin check page needs to be manually updated as I think it may be seeing 15.0.0.239 version as current on Windows/Mac when it is not as there were at least two Flash player 15 updates since.
Ændret af James den
Again the Plugin check page needs to be manually updated as
Yes, everybody can manually install the Flash update
Yes, the Add-On Tab properly displays the Flash 16 update
No, the "Check Your Plugins" page does not recognize the Flash 16 update and fails to check all the other plugins for updates
Ændret af SirSimeon2003 den
Because the Plugin check page is manually updated for current version to check for. Mozilla should perhaps point you to the appropriate pages to check the plugins instead and not trying to do it themselves.
The up to date Flash check page is at http://www.adobe.com/software/flash/about/ though it does not list the ESR version for those who use it.
Ændret af James den
I have this problem since last night and may i say it`s bugging me like hell? i had problems with latest versions of flash player, they were slowing down pc performance so i installed older one which works just fine. and now mozilla comes in the middle. why? i had no problem with my pc performances, no problem with flash player, no problem with firefox.
this is stupid, i might as well turn to opera or another browser.
Because the older versions of the Flash player for the various browsers are vulnerable. https://helpx.adobe.com/security/products/flash-player/apsb14-27.html
Ændret af James den
All this is interesting but how do I fix it? How do you 'update manually' the plug in check page, and where is it? Is there a SIMPLE step by step guide for those of us who are not IT graduates and just want a simple and safe browser to use? Just like we used to have Anyone?
I have solved the Flash problem, one down.
I installed the Java Deployment Toolkit 10.71.2.14 and it still shows as 10.55.2.14 and vulnerable.
I also updated VLC Web Plugin to 2.1.5.0 and also not showing as updated. I did make sure that the mozilla plugin was checked in the install.
This update has been problematic to say the least.
I solved my problem with updating the Java plugin here:
https://support.mozilla.org/en-US/kb/use-java-plugin-to-view-interactive-content
Make sure that you delete previous versions of Java after you have the latest version installed.
Ændret af Route66W den
Adobe Flash Player 16.0.0.235 are out on 9th of december.
According to the http://www.adobe.com/software/flash/about/ page, my flash player is at version 11.2.202.425, which is the latest version for my operation system...
Yet the firefox still insists that it is out of date and blocks everything. Any ideas?
I have been working on this for hours. Short of switching to another browser I don't know what do do anymore.
EDIT: Ok, I finally find a way by disabling the stupid message completely as described here:
Ændret af Rakeh den
I had the 11.2.202.424 version and it said it was vulnerable so I downloaded the 11.2.202.425 from adobe and put the libflashplayer.so in .mozilla/plugins/ and Firefox the recognized the new version and no longer had the vulnerable message.
Disabling the blocklist is a really bad idea. You would then not know you are using a vulnerable plugin when there are updates and Extensions that have been blocked for various bad reasons will then be able to install.
Ændret af James den
James said
I had the 11.2.202.424 version and it said it was vulnerable so I downloaded the 11.2.202.425 from adobe and put the libflashplayer.so in .mozilla/plugins/ and Firefox the recognized the new version and no longer had the vulnerable message. Disabling the blocklist is a really bad idea. You would then not know you are using a vulnerable plugin when there are updates and Extensions that have been blocked for various bad reasons will then be able to install. https://addons.mozilla.org/en-us/firefox/blocked/
I did that too, as a first thing. The firefox now even says "Shockwave flash 11,2,202,425" in the plugins list.
UNFORTUNATELY, it still displays the vulnerable plugin message (both at various websites and at the plugin list) even though I apparently have the latest version.
Disabling the blocklist is not ideal solution, but apparently it is the only option for me :-(
EDIT: When I click settings in the actual flash window of the browser (on youtube for example), it even says the version is "11,2,202,425".
So I guess I am definitely using the correct version... why firefox thinks that I don't despite all the evidence to the contrary is beyond me
Ændret af Rakeh den
Rakeh said
I did that too, as a first thing. The firefox now even says "Shockwave flash 11,2,202,425" in the plugins list. UNFORTUNATELY, it still displays the vulnerable plugin message (both at various websites and at the plugin list) even though I apparently have the latest version.
Try this: Stop firefox Edit ~/.mozilla/firefox/*.default/pluginreg.dat Replace "11,2,202,425" with "11.2.202.425"
This seemed to fix it for me.
Ændret af Bermo den
None of the above helps me much. This link (libflashplayer.so) simply brings up a McAfee site advisory not to go there, so I won't. And where (what?) is " .mozilla/plugins/"?
Instead I clicked the 'Update Now' button alongside Shockwave Flash on the results of the "check to see if your add ons are up to date" page, which took me to Adobe, which took me to 16.0.0.235 (I am Win7), which I downloaded and installed. So far at least this has had the effect of again allowing me to see You Tube and all those other video clips I used to see without being told I am unsafe. Don't know why, but it does. Good enough for me.
Bermo said
Rakeh saidI did that too, as a first thing. The firefox now even says "Shockwave flash 11,2,202,425" in the plugins list. UNFORTUNATELY, it still displays the vulnerable plugin message (both at various websites and at the plugin list) even though I apparently have the latest version.Try this: Stop firefox Edit ~/.mozilla/firefox/*.default/pluginreg.dat Replace "11,2,202,425" with "11.2.202.425"
This seemed to fix it for me.
Thank you! This fixed the issue for me as well ! :-)
So I guess I hereby report a bug:
The firefox does not recognize "11,2,202,425" as the newest version because of the commas instead of punctuations used in the version name...
F0rager:
We are talking about the linux version of the flash player.
The "libflashplayer.so" is not a link, it's a file name that a browser is incorrectly identifying as link...
Ændret af Rakeh den
If after reading through this thread and you still have this problem go to:
http://www.adobe.com/products/flashplayer/distribution3.html
You will find Flash Player downloads for the different operating systems.
I am using Windows 7 and I got version 16.0.0.235 and all is well for this particular problem in this stinker of a FF update.
Route66W the older Flash being blocked has nothing to do with Firefox install or updates so Firefox 34 is not to blame. Firefox 34 was released on Dec 1st, the updated Flash version came out in Dec 9 and the blocklist of the older Flash versions started on Dec 11/12.
James said
Route66W the older Flash being blocked has nothing to do with Firefox install or updates so Firefox 34 is not to blame. Firefox 34 was released on Dec 1st, the updated Flash version came out in Dec 9 and the blocklist of the older Flash versions started on Dec 11/12.
True, but I think that firefox is certainly to blame for not recognizing the ""11,2,202,425" as the latest version on linux. The fact that the problem is solved by renaming the ""11,2,202,425" to "11.2.202.425" suggest some sort of name definition error either in the software or on the blocklist.