Welcome to the latest Flash Runtime version 23 beta! We've been hard at work adding new features to Flash Player and we're looking forward to receiving feedback from our Flash Player community.
This beta release includes new features as well as enhancements and bug fixes related to security, stability, performance, and device compatibility for Flash Player 23. For full details, please see our release notes.
- The ActiveX Flash Player in this release is not compatible with Windows® 8.x or 10
- Flash Player for Windows® 8.x/10 is available as part of the generally available Windows® 8.x/10 update
New and Updated Features
HSTS Support in Flash Player
Beginning with Flash Player 23, we have introduced support for HSTS (HTTP Strict Transport Security). HSTS is an IETF standard, which enforces user agents (browsers) to use HTTPS for communication instead of HTTP. HTTPS response may have a Strict-Transport-Security(STS) header field that requests the user agent to make further requests in HTTPS. Flash Player will now acknowledge the STS header in HTTPS response.
This will be particularly helpful when a SWF calls another SWF (child SWF) that is present in HSTS enabled server. Flash Player will acknowledge the STS header in the response and further request to the same domain will always be HTTPS. This feature will be helpful in mitigating protocol hijacking attacks and cookie hijacking.
Disabling local-with-filesystem access in Flash Player by default
Beginning with Flash Player 23, local-with-network permissions will now be applied to all local SWF content, regardless of the preference chosen at compile time.
Background:When playing Flash (SWF) content from local filesystem, developers have historically been able to configure content to exclusively read from the filesystem, or communicate to the network. When this functionality was introduced over a decade ago, it enabled an interesting array of use-cases ranging from simple games to interactive kiosks. In context of modern web security, we believe that it is time to retire local filesystem functionality in the browser plugin. At the same time, Adobe AIR has been established as a robust, mature solution for delivering ActionScript-based content as a standalone application.
Vast majority of Flash Player users and content will be unaffected by this change. This change only impacts Flash content played from the local filesystem, using the browser. Flash content hosted on the internet and local webservers, as well as the Standalone Flash Player remains unaffected.
If you are a user who requires this functionality, these files can be added to the list of Trusted Locations in Flash Player.
Workarounds for Legacy Content:We highly recommend that you only circumvent these controls to enable content from sources that they trust.
For Internet Explorer, Edge, Firefox, Opera and Safari:
- On the affected system, go to: Control Panel > Flash Player > Advanced > Developer Tools > Trusted Location Settings
- Click the icon and add relevant SWF(s) to the list
For Google Chrome (and similar PPAPI browsers):
- Navigate to the page: http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager04.htm l
- Choose Edit Locations > Add Locations from the list.
For System Administrators:
The legacy behavior can be restored by applying the EnableInsecureLocalWithFileSystem=1 flag to mms.cfg.
Video and Camera support for Stage3D by VideoTexture for Flash Player (Release)
In Flash Player 20 or earlier, use of video in Stage3D required use of the Video object, which is not hardware accelerated. It involved copying the video frame to a BitmapData object and then loading data onto the GPU, which made it CPU-intensive.
To address this limitation, Video texture object was introduced. It allows you to use hardware decoded video in Stage 3D content. Further, extending this capability in Flash Player 23 release, texture objects have been introduced to support the use of NetStream and Cameras in a manner similar to the use of StageVideo. These textures can be used as source textures in stage3D rendering pipeline. You can use them as rectangular, RGB, or no mipmap textures in rendering of a scene. They are treated as ARGB texture by the shaders which implies that the AGAL shaders do not have to bother about YUV to RGB conversion now. The shaders treat these textures as ARGB textures. This allows you to use the standard shaders with static images without any need for modification. When you render using these textures, the image that is used by the rendering pipeline is the the latest frame at that time. Though, there is no tearing in the video frame, if you use the same texture many times, some of these instances may be picked from different timestamps.
With the use of a VideoTexture object, all this work gets optimized internally - YUV to RGB conversion and texture loading can be completely moved to the GPU. See the VideoTexture devnet article for implementation details.
Note: Video Texture is an existing feature in AIR. It was introduced in AIR 17.0 version.
For system requirements of the current release of Flash Player in production, please visit http://www.adobe.com/products/flashplayer/systemreqs/
About the Beta Channel
To get the latest Beta build of Flash Player visit Adobe labs
Beta versions of Flash Player are also available for automatic installation via our Background Update service. Please subscribe to automatically receive update notifications for future Flash Runtime announcements.
Note: If you are having issues downloading Flash Player, it may be because of a cache or locale issue. Wait for 24 hours before retrying and if you still face issues, please post the issue in Flash Player forum