Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Firefox 35.0.1 incorrectly identifies plugins as out-of-date

  • 5 replies
  • 6 have this problem
  • 2 views
  • Last reply by James

more options

The plug-ins check update page continues to show that the "Adobe Flash PlayerShockwave Flash 16.0 r0" that I updated today (Feb. 3, 2015) is in Vulnerable Status. I went through the process of trying to update the plugin two time, have also rebooted the computer but it still shows "Vulnerable Status" !!

A bug ? This seems like a recurring problem as I see the same issue for earlier versions also in the Firefox forums.

The plug-ins check update page continues to show that the "Adobe Flash PlayerShockwave Flash 16.0 r0" that I updated today (Feb. 3, 2015) is in Vulnerable Status. I went through the process of trying to update the plugin two time, have also rebooted the computer but it still shows "Vulnerable Status" !! A bug ? This seems like a recurring problem as I see the same issue for earlier versions also in the Firefox forums.

Chosen solution

According to revision of https://helpx.adobe.com/security/products/flash-player/apsa15-02.html made today.

UPDATE (February 4): Users who have enabled auto-update for the Flash Player desktop runtime will be receiving version 16.0.0.305 beginning on February 4. This version includes a fix for CVE-2015-0313. Adobe expects to have an update available for manual download on February 5, and we are working with our distribution partners to make the update available in Google Chrome and Internet Explorer 10 and 11. For more information on updating Flash Player please refer to this post.
Read this answer in context 👍 2

All Replies (5)

more options

hi umonk2014, unforunatley the result of the plugin-check page is correct, there has been yet another vulnerability found in adobe flash player 16.0.0.296 which is already exploited in the wild. see the security advisory: https://helpx.adobe.com/security/products/flash-player/apsa15-02.html

there is no fix for it released by adobe yet and the update button on the plugin check site will lead nowhere at the moment - so it's best to set the shockwave flash plugin to ask-to-activate in the firefox addons > plugins panel!

more options

When there is a new version it may be at https://www.adobe.com/products/flashplayer/distribution3.html before get.adobe.com/flashplayer/ as was case for a few days with 16.0.0.296.

more options

Thanks Philipp & James.

So am I to understand that the most current version "16.0.0.296" that is available today (Feb 4, 2015) & that has been applied to my Firefox is fine for now..... but I should be on the lookout for the newer version soon ?

If that is so I would recommend Firefox change the language in the "Plugins Status" page and add a text that says:

"You are currently up to date to the most currently available patch but a new vulnerability has been found for which ADOBE has not provided a patch. So so it's best to set the shockwave flash plugin to "ask-to-activate" in the firefox addons > plugins panel "

Something like that. Thank you.

more options

Apparently, the exploit begins with the plugin crashing. That has not happened to me so far.

more options

Chosen Solution

According to revision of https://helpx.adobe.com/security/products/flash-player/apsa15-02.html made today.

UPDATE (February 4): Users who have enabled auto-update for the Flash Player desktop runtime will be receiving version 16.0.0.305 beginning on February 4. This version includes a fix for CVE-2015-0313. Adobe expects to have an update available for manual download on February 5, and we are working with our distribution partners to make the update available in Google Chrome and Internet Explorer 10 and 11. For more information on updating Flash Player please refer to this post.