4 Replies Latest reply on Jul 22, 2015 12:41 PM by K12ITGuy

    Why doesn't "Allow Adobe to install..." actually work?  [OSX]

    K12ITGuy

      This computer is running OSX 10.9.5 and currently has version 18.0.0.194 of the NPAPI version of the Flash plugin installed.

      The setting labelled "Allow Adobe to install updates (recommended)" is selected.

      Instead of properly keeping the Flash plugin updated, all that it appears to do is to inform ME to download the new version and install it myself.
      This issue occurs on every version of OSX that I've tested.

       

       

      What I can't seem to understand is what's going on inside of Adobe that you can't make this work properly...  I've thought about this quite a bit and I can't think of a respectable, rational explanation for this.

       

      If the current version of Flash is such a security risk (which I know to be true), why wouldn't you choose to assure that those using your products are more secure?  Google does this for those using Chrome.

       

      It's possible that Google's software engineers are simply better, but Adobe could simply use the Sparkle framework (Sparkle: a free software update framework for the Mac), which has existed for many years and is used by large numbers of free and commercial OSX applications.

       

      Personally, I'm currently working on fixing this issue on OSX with a shell script and on Windows I use Chocolatey.  The obvious problem with this is that it only helps me and the users that I personally support (I work in IT).

       

      I figured that it was about time to ask Adobe...  Is there a logical reason you're not automatically updating your software, especially when it's been one of the most compromised pieces of software on the planet?

        • 1. Re: Why doesn't "Allow Adobe to install..." actually work?  [OSX]
          piyush2508 Adobe Employee

          Hi K12ITGuy,

           

          The past few releases have been major security fixes and to notify all our users about the change this one went as a Loud release. In a loud release even if you have opted for automatic update you will still receive a notification from Adobe to update to a latest version of Flash Player.

           

          Thank you, we will try to look into your suggestions

          --

          Piyush

          • 2. Re: Why doesn't "Allow Adobe to install..." actually work?  [OSX]
            m_vargas Adobe Employee

            Hi K12ITGuy,

             

            In addition to Piyush's reply, please see the blog post An outline of Flash Runtime installation options.

             

            --

            Maria

            • 3. Re: Why doesn't "Allow Adobe to install..." actually work?  [OSX]
              K12ITGuy Level 1

              piyush2508 wrote:

               

              ...even if you have opted for automatic update you will still receive a notification from Adobe to update to a latest version of Flash Player.

              Why notify me to update Flash if it's ALREADY been updated automatically (according to the settings)?  That only makes sense if the auto-update mechanism is either broken or if it's not silent (requires user input).

               

              Serendipitously, Better Touch Tool just notified me of an update with a small window.  I clicked update, it downloaded the update in ~5 seconds, installed it, and vanished.  Not silent, but it certainly didn't send me to their website to download an installer.  Better Touch Tool is developed by a single person.

              • 4. Re: Why doesn't "Allow Adobe to install..." actually work?  [OSX]
                K12ITGuy Level 1

                m_vargas wrote:

                 

                Hi K12ITGuy,

                 

                In addition to Piyush's reply, please see the blog post An outline of Flash Runtime installation options.

                 

                --

                Maria

                First, thank you for the information.  I don't remember seeing the command line package installation options for OSX in the flash plugin documentation the last time I read it.

                 

                Until recently, at work, we used Altiris to manage computers.  The linked blog post and the flash player administration guide suggest that Adobe only provides support for Microsoft System Center or Microsoft Systems Management Server.  At work, we have been aware of what Adobe offers for System Center for quite some time and will be implementing it once our transition to System Center is complete.

                 

                 

                 

                The problem with that information is that it does absolutely nothing to help anyone using a computer that's not managed by an enterprise.  It also doesn't help those using Macs in settings where the IT staff either doesn't know how to support OSX properly or refuses to (Which is sadly more common than it should be).  The end result is that millions of computers with Flash installed on them are vulnerable to known exploits that have already been fixed in newer versions of Flash.  This in turn makes criminal enterprises far more profitable since it increases the number of people vulnerable to their existing attacks which reduces the need to develop new attacks.

                 

                This is what I'm concerned about.  The more profitable/easy it is to engage in crime, the more people do it.  As online crime increases, legitimate profitability decreases and users and enterprises alike have more difficulty with maintaining security.

                 

                Clearly Adobe can't fix all of the issues with security, but they can and certainly should make at least one of them (users running insecure flash) less of an issue.