Yesterday Adobe rushed out a security update (version 10.1.85.3), one week in advance on the announced schedule, patching a critical vulnerability that has being exploited in the wild for more than one week.

As usual, users of the latest stable Firefox version on Windows are plagued with an awful manual update process, involving the installation of a ridiculous "Adobe DLM (powered by getPlus(3))" extension (forcing an extra, useless, browser restart), whose only function seems to be displaying additional banners during the download.

Even worse, this time looks like Adobe made going through this process actually impossible, on my system at least, because of a mismatch between the DLM plugin version they automatically offer, i.e. getPlusPlus for Adobe 16290, and the version actually required for downloading the Flash update with their markup:

<embed type="application/getplusplusadobe16291"
pluginspage="http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.xpi"
service-url="http://get.adobe.com/flashplayer/webservices/dlm/"
return-page="http://get.adobe.com/flashplayer/completion/dlm/"
itemid="Flash_Player_10.1_for_Windows_-_Other_Browsers"
core-product="flashplayer" dlmbanner="on" language="" os="" height="1" width="1">

As you can see, the required version is 16291, rather than 16290.

Fortunately the actual direct download URL is not impossible to discover, for instance by dinamically replacing "16291" with "16290" with a bit of javascript: magic in the address bar and sniffing the network activity.

So, if you're stuck like me or you just don't want to install this getPlusPlus crap, you probably want to use this direct link :)

19 Responses to “Yet Another Adobe Flash Painful Update”

  1. #1 Wladimir Palant says:

    Or simpler - temporarily change general.useragent.extra.firefox preference so that Adobe's sniffing doesn't recognize you as Firefox. The website will give you a direct download link then, without any additional crap.

  2. #2 Ludovic says:

    Hum the direct link is windows only :(

  3. #3 AnonymousCoward says:

    @:Ludovic
    The NoScript power-user/mod *therube* has left a set of useful links for the Flash Bewildered here:
    http://forums.informaction.com/viewtopic.php?f=19&t=3866
    I'd guess that if you go to the link for "otherversions" and your useragent string doesn't upset adobe...?
    Man, that Adobe download routine sucks and errors so much.
    I even heard myself say the other day that it would be better to have a Java-like Flash Console in Win - for the less tech user - than to go through all this junk. Just for a silly library file. At least with a console you could have a chance at monitoring all the junk. But I think that Adobe has zero ability to reduce bloat.

    I've been happily using the stand-alone link since *therube* got it for us.

    @Giorgio eh eh, you should use the search button on your own forum more ;-)

  4. #4 Anonymous Coward says:

    @Ludovic: You can always get a DLM-free direct download link from:
    http://get.adobe.com/flashplayer/otherversions/

  5. #5 Captain Canuck says:

    @Ludovic:

    You only get the get++ wth Windows anyway

  6. #6 Emil says:

    I tried to uninstall flash from Windows and when visited youtube, firefox offered me to install older version of flash player which even failed, at the end i used your download link :)

  7. #7 lither212 says:

    thanks for the links

  8. #8 LoatheAdobe says:

    This is really the most straightforward, and quite useful even for people who aren't working in a corporate environment:

    http://www.adobe.com/products/flashplayer/fp_distribution3.html

    Or you could download the codename-Square Flash 10.2 release from Labs. Making the dangerous assumption that they would have updated the download by now if it were vulnerable, the 2010-09-15 release will probably do you just fine.

  9. #9 Walter K says:

    I never use this crapware? "extension" to download Flash.
    These are direct links to the latest Flash installers:

    ActiveX/IE: http://fpdownload.adobe.com/get/flashplayer/current/install_flash_player_ax.exe

    Firefox: http://fpdownload.adobe.com/get/flashplayer/current/install_flash_player.exe

    As always, one needs to quit all browsers to install.

  10. #10 yamaban says:

    For the people out there in what of a 64bit version: Adobe offers a new beta called Square P1 (10.2.161.22)at Adobe-Labs:
    http://labs.adobe.com/technologies/flashplayer10/
    Download-links:
    http://labs.adobe.com/downloads/flashplayer10.html
    Notes:
    http://download.macromedia.com/pub/labs/flashplayer10/flashplayer_square_p1_releasenotes.pdf

  11. #11 Faust says:

    FYI, I've gotten weary of always trying to track down the direct link, so I now just resort to using filehippo.com, which always seems to have the latest files within 24 hrs.

  12. #12 Not So Prod IE User says:

    I know this thread is for firefox-users but for IE Users just add _ax and you will get the IE-version (if you dont understand just change install_flash_player.exe for install_flash_player_ax.exe in the link provided by maone)

  13. #13 passageguy says:

    Thx for the direct link dude ,i have the same prob ,this getPlusPlus piss me off, really.

  14. #14 Unanimous Howard says:

    What's your experience using non-x86/amd64 machines with BSD or UNIX systems?

  15. #15 Giorgio says:

    @Unanimous Howard:
    Some Solaris/Sparc, some YDL/PowerPC, some Maemo/ARM.
    May I ask you why?

  16. #16 Josh says:

    Thank you for the link sir. It solved my problem.

  17. #17 Robert` says:

    Linux distributions perfected patch management years ago with yum and aptitude. All of my Linux systems update automatically by monitoring the Linux repository hosted at Adobe.com. When a new version of AcrobatReader or Adobe flash-plugin is posted, yum-updatesd downloads and installs it. If yum-updatesd is off, all you have to do is su -c "yum -y update". There is also a GUI based prompt for updates. Software downloads, Installations, Updates, and Uninstalls is so antiquated on Windows. Under windows it is the same process i used 30 years ago. Under Linux, it is all automated.

    $ cat /etc/yum.repos.d/adobe-linux-i386.repo

    [adobe-linux-i386]

    name=Adobe Systems Incorporated

    baseurl=http://linuxdownload.adobe.com/linux/i386/

    enabled=1

    gpgcheck=1

    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-adobe-linux

  18. #18 Omnibus says:

    Thank you sooooo much Giorgio

  19. #19 xyloth says:

    thank you so fuckin much. Adobe sucked that time

Bad Behavior has blocked 2619 access attempts in the last 7 days.