I am in charge of software distribution for my networks. I was reading through the various documents published regarding the certificate revocation to occur on Oct 4. The documents appear to contradict each other, and I'm interested to know whether I need to do anything for my network. We use AIR, Flash, Reader, and Shockwave.
On [Security Certificate Updates: http://helpx.adobe.com/x-productkb/global/certificate-updates.html], the verbiage toward the top states that no action is necessary for Flash and Reader; however, lower down on the page there are links for updates. It also directs IT administrators to another page [Guidance for IT administrators | Adobe certificate revocation: http://helpx.adobe.com/x-productkb/global/guidance-administrators-certificate-revocation.h tml#id_15988] that would seem to direct us to obtain an update. Notwithstanding, for AIR, is the actual distributable affected or only the three noted AIR applications? What about Shockwave?
What's the verdict? Do we need to deploy updates or not for the above listed products?
Thanks for catching this discrepancy. Adobe does recommend deploying an updated Flash Player if you're not using the latest version.
We've updated the Security Certificates Updates page to clearly state this.
Adobe Community Help & Learning team