Is Flash Player a security risk?

Similar Messages

• Embedding Flash Player on Secure Site

  Hello,
  I am uploading Flash movies for sales presentations to our
  secure intranet server, which is accessed from laptops that all
  have Flash Player installed.
  The IE security alert that pops up when movies are launched
  breaks the flow of the presentation ("This page contains secure and
  non-secure items"...). Is it possible to output my flash movie
  without the non-secure links to Macromedia's site? I have manually
  removed the links for current projects, but this is a pain.
  Better yet, is is possible (and legal!) to just embed the
  player securely from our own intranet?
  Thanks,
  Dan

  I cannot comment on the legality of publishing the player on
  your own site... What I have done is to replace the "http" with
  "https" to all links to the codebase that are produced. The links
  still work and it gets rid of the message.

• Flash Player 10 Security - Error 2048

  Hello all, I'm running in to an issue with Flash Player 10
  and I can't seem to figure it out. I am using an HTTP server on an
  embedded device to serve SWF files which in turn connect back to
  the device (and other devices) for XML data. The connections are
  made back to
  http://deviceip/folder - I have
  no way to access the root folder of the server. This folder
  contains no crossdomain.xml file. With FP9 I was intercepting HTTP
  requests to
  http://deviceip/folder/crossdomain.xml
  and outputting this:
  <?xml version="1.0"?>
  <!DOCTYPE cross-domain-policy SYSTEM "
  http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
  <cross-domain-policy>
  <allow-access-from domain="*" />
  </cross-domain-policy>
  The debugger says that this file is depreciated but
  everything seemed to work fine on FP9. After upgrading to FP10 I
  started getting the Security Error #2048. From what I can
  understand at
  http://www.adobe.com/go/strict_policy_files
  the only fix for error 2048 is to specify a strict policy file that
  has the meta-policy of "all" at the root of the domain. I have no
  access to the root so this presents a problem.
  I did see that you can send some HTTP header information
  instead of using a crossdomain.xml file, but I couldn't tell where
  the FP is looking for that information. I can modify headers on
  responses
  http://deviceip/folder but not on
  the response from
  http://deviceip/ I assumed that is
  where the headers are checked which leaves me in the same boat.
  I'm hoping someone has a creative idea for me to try.
  Thanks!

  Nope, never have found a solution - the fact that someone
  actually replied has taken me off guard :) Maybe someone can shed
  some light on the issue - but don't hold your breath :)

• Flash Player "known security issue"

  Trying to install update for Adobe Flash Player 15.0.0 on iMac OS X Yosemite 10.10.1 Safari Browser. Get Message "The version of "Adobe Flash Player" on your computer has known critical security issues. Only websites set to "Always Allow" are allowed to run this plug-in. To protect your system, use of this plug-in is now blocked for all other websites." I have retried download several times, but am blocked each time by the same above result.
  Please Help!
  Fritz

  Hi,
  You might want to add this as a bug over at bugbase.adobe.com.  I gave it a try on my Win 7 x64 system but wasn't able to reproduce the problem (see video link below.)  In addition to the bug report, I'd also recommend reposting over on the Flash Professional forums?  This forum is primarily for end users, the Pro forums will get you in touch with a wider developer audience.
  http://youtu.be/lWDUxrxBmoQ?hd=1
  Thanks,
  Chris

• ADOBE ANNOUNCE: Preparing for upcoming April 2008 Flash Player 9 security update

  Flash Player team is doing some 'pre-communication' around
  the security changes in the -next- version of Flash Player,
  releasing in April 2008.
  So we're starting with some blog posts, articles and
  technotes so that these changes can spread to the community. There
  will likely be more than this by release time as well (and new
  communication will come at that time).
  Blogs:
  Emmy Huang:
  http://weblogs.macromedia.com/emmy/
  Justin Everett-Church:
  http://justin.everett-church.com/
  Developer Center articles:
  "Preparing for the Flash Player 9 April 2008 Security Update"
  http://www.adobe.com/devnet/flashplayer/articles/flash_player9_security_update.html)
  Everyone should read and become familiar with the current
  article on Flash Player 9.0.115.0's 'phase 1' security changes..
  this outlines a lot of what's been changed, and gives you an idea
  what to think about for the upcoming April release. "Security
  Changes in Flash Player 9" (v9.0.115.0) at
  http://www.adobe.com/devnet/flashplayer/articles/fplayer9_security.html.
  There are a few other articles with specifics about
  socketpolicyfile handling coming up, but they’re not quite
  done yet..
  Specific technotes w/ code:
  “Changes in allowScriptAccess default (Flash
  Player)”
  http://www.adobe.com/go/kb403183)
  “Authorization header does not work for an HTTP request
  (Flash Player)”
  http://www.adobe.com/go/kb403184)
  “Arbitrary headers are not sent from Flash Player to a
  remote domain”
  http://www.adobe.com/go/kb403185)
  “Sockets do not function in Flash Player versions later
  than 9.0.115.0”
  http://www.adobe.com/go/kb403186)
  “javascript:" URLs no longer function in networking
  APIs (Flash Player)”
  http://www.adobe.com/go/kb403187)[b
  technotes w/ code:

  Is there a release date yet? I've had management phoning me
  over the weekend panicking that the new player was going live this
  weekend. When 9,0,115,0 came out our global financial trading
  platform broke due to the socket security changes in release 115.
  This time we are prepared (as we already use dynamically generated
  socket policy files) although with no access to a beta player we
  were unable to test. Unfortunately its just another bit of negative
  perception of Flash/Flex that others can use to promote alternative
  RIA platforms. I will have a fight on my hands this year to stop us
  migrating to Silverlight.
  I'm signed up for security alerts from Adobe - is there a
  mailing list for Flash Player release date? And why can't I see a
  beta version of the new player in order to test?

• Adobe AIR skips Flash Player security sandbox

  When I installed the first Adobe AIR Showcase demo, I felt
  curious about how will it install itself from inside Flash Player
  sandbox. So I clicked "install", and it really installed something
  on my own \Program Files ! without my confirmation
  How can it be possible, I thought Flash Player had a sandbox
  but it looks as it adoble is able so skip it.
  If it is publicly available (and not a backdoor), I could use
  it to install some ActiveX controls my web application needs to
  interact with Excel.
  I checked the flash player 9 security pdf document, and it
  looks as it flash documents should not be able to write anything to
  my local disk.
  Regards,
  Daniel Montero

  You don't need AIR runtime on iOS; see http://www.adobe.com/devnet/air/articles/air-on-ios-faq.html#b

• Controlling autoupdate of Adobe Flash Player ActiveX with mms.cfg file

  For several years we have suppressed Flash Player ActiveX from autoupdating by using the mms.cfg file, with the setting "AutoUpdateDisable=1" -- and it has worked without a problem.
  With the constant updates of Flash Player for security reasons, we decided several months ago to change the autoupdate setting and allow Flash Player ActiveX to update automatically, without notifying the user, checking every seven days.  We changed the mms.cfg file to this:
  AutoUpdateDisable=0
  AutoUpdateInterval=7
  SilentAutoUpdateEnable=1
  We are using Windows 7 64-bit, so the mms.cfg file was copied/updated to: C:\Windows\SysWOW64\Macromed\Flash, as well as C:\Windows\System32\Macromed\Flash
  The problem we are randomly seeing across our 2500+ computers is a notification that a Flash Player update is available.  This is occurring on machines with the mms.cfg file in place.
  Does anyone else have this same issue?  We were also wondering if the encoding of the file, i.e., ANSI or UTF-8, has any bearing on the effectiveness of this mms.cfg file. Or has a registry setting been updated overriding the mms.cfg?
  We believe the file is encoded in UTF-8, but it is difficult to be 100% certain of this.
  Screenshot of the auto-update notification:
  Thanks
  Currently running Flash Player ActiveX 11.9.900

  You're right, it sounds very malwareish, but they will know more in the Flash Player forum  http://forums.adobe.com/community/flashplayer . This is teh Adobe Reader forum. When you post there, a screen shot may help.

• Hotmail ad is causing Adobe Flash Player error...need a fix or workaround

  Hi,
  I'm using Internet Explorer 9.0.8112.16421 (64-bit edition) on a 64-bit Windows 7 machine and using Adobe Flash Player "Square" 10.3.162.28 ActiveX 64-bit.
  Whenever I check my e-mail on Hotmail, I get the following error:
  Here are some problems:
  1. When I click on "SETTINGS," the dialogue box closes, nothing else happens, and the problem doesn't go away, even after I restart the browser.
  2. The same problem occurs even when I use the 32-bit version of Internet Explorer with the latest Adobe Flash Player.
  3. The problem appears to be caused by a sidebar ad on the Hotmail home page.
  4. I must use Hotmail.
  5. I must use Internet Explorer for various reasons.
  I would like to not have this error box pop up all the time.
  Any suggestions?
  Thanks...

  OK, here's the workaround I found:
  To fix the pop-up security error:
  1. Google "Adobe Flash Player Global Security Settings Panel". Here is the link I found:
  http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager04.htm l#117502
  2. Select "Always allow" from the settings panel.
  3. Close the browser and re-start it.
  This may not be an ideal solution, but it has been extremely painful to have to close literally dozens -- if not a hundred -- error boxes that kept popping up every day while I check my e-mail.

• Adobe Flash Player Version sicher?

  Hallo zusammen,
  man liest in letzter Zeit einiges über Sicherheitslücken im Adobe Flash Player:
  Adobe Security Bulletin APSB15-01 (Flash Player /Englisch)
  http://helpx.adobe.com/security/products/flash-player/apsa15-01.html
  Adobe Security Bulletin APSB15-02 (Flash Player Englisch)
  http://helpx.adobe.com/security/products/flash-player/apsb15-02.html
  Heise Security Online Artikel vom 22.01.2015
  http://www.heise.de/newsticker/meldung/Flash-Player-deaktivieren-Sicherheits-Update-laesst -kritische-Luecke-offen-2526789.html
  unser System:
  Betriebssystem Clients:   Windows 7
  Betriebssystem Server:   Windows Server 2008
  Adobe Flash Player Version:  14.0.0.125
  Virenschutz: F-Secure Internet Security 11.5
  Firewall + Proxy ist im Einsatz
  Wo kann überprüft werden, ob schwerwiegende Sicherheitslücken bestehen?
  Wer kann sagen, ob die Kombination aus den oben genannten System betroffen ist?
  Ich würde mich um Rückmeldungen freuen.
  Mit freundlichen Grüßen
  florians1992224

  florians1992224 wrote:
  Adobe Flash Player Version:  14.0.0.125
  Alles was ich sagen kann ist dass Ihre Flash Player version ziemlich alt ist (Juni 2014).
  Die neueste Version bei der alle bekannten Sicherheitslücken geflickt sind ist 16.0.0.193 (27. Januar 2015).
  S. http://helpx.adobe.com/security/products/flash-player/apsb15-03.html

• Empty camera names in Flash Player with Google Chrome

  So, it seems we got another problem with devices (cameras and microphones) in Flash Player integrated with Google Chrome (PPAPI). Many Flash developers can remember clickjacking problem and ugly fix for this issue implemented in Google Chrome. For now, if you have some application that uses camera or microphone, Google Chrome users must allow access to their devices twice: for Flash Player (small window centered in Flash-object) and for Google Chrome (gray panel with buttons under address bar).
  Until recently the whole process of granting camera access looked like this:
  Application want to attach camera to Video object or NetStream.
  Even without permission you can get camera names and populate some UI components with them.
  Flash Player show security panel with "Allow" and "Deny" buttons.
  Google Chrome show it's own security panel, so both security panels are visible at the same time.
  Users press "Allow" button in Flash Player security panel.
  Now you have false for camera.muted property, but camera show zero FPS, because access is still denied in browser.
  Users press "Allow" button in browser security panel.
  Win! You have access granted everywhere.
  Of course, that second security panel of Google Chrome is a real pain. Users just don't notice it. Flash developers handled this issue with hints inside application and FAQ pages. But now we have another big problem.
  Recently the process of granting camera access changed to this:
  Application want to attach camera to Video object or NetStream.
  You can't get camera names until access granted in browser. There will be just spaces (" ", symbol with code 32) in camera.name property.
  Flash Player show security panel with "Allow" and "Deny" buttons.
  Google Chrome will not show it's security panel until access granted in Flash Player.
  Users press "Allow" button in Flash Player security panel.
  Now you have false for camera.muted property, but camera show zero FPS and have no name, because access is still denied in browser.
  Google Chrome show it's own security panel.
  Users press "Allow" button in browser security panel (this panel shown twice for some reason).
  Now you have access granted everywhere, but devices still have just spaces instead of real names.
  Unfortunately, AS3 will not update camera names after access granted in browser. Camera names are empty event in Flash Player settings window before browser access granting. So it's impossible now to get camera names in Flash application running in Google Chrome without reloading. User need to grant access in browser first, than reload application and only after that we can get camera names in AS3. I have tried to use flash.media.scanHardware() to refresh camera names, but it seems it's not working.
  Also I have created a small example and posted it online. You can test it by yourself in Google Chrome. Just don't forget to clear your choice each time. You need to remove "http://wonderfl.net:80" entry from list on chrome://settings/contentExceptions#media-stream to clear your prevoius choice.
  Also I got similar complaints from Opera users.
  Here is my code:
  package
      import flash.display.Sprite;
      import flash.display.StageAlign;
      import flash.display.StageScaleMode;
      import flash.events.Event;
      import flash.events.TimerEvent;
      import flash.media.Camera;
      import flash.media.Microphone;
      import flash.media.Video;
      import flash.media.scanHardware;
      import flash.text.TextField;
      import flash.utils.Timer;
      public class BrowserPermissionTest extends Sprite
          private var output:TextField;
          private var timer:Timer;
          public function BrowserPermissionTest()
              super();
              addEventListener(Event.ADDED_TO_STAGE, addedToStageHandler);
          private function addedToStageHandler(event:Event):void
              removeEventListener(Event.ADDED_TO_STAGE, addedToStageHandler);
              stage.scaleMode = StageScaleMode.NO_SCALE;
              stage.align = StageAlign.TOP_LEFT;
              output = new TextField();
              output.border = true;
              output.multiline = true;
              output.wordWrap = true;
              output.x = output.y = 10;
              addChild(output);
              updateView();
              stage.addEventListener(Event.RESIZE, stage_resizeHandler);
              var i:int;
              var numCameras:int = 0;
              var numMicrophones:int = 0;
              if (Camera.isSupported)
                  var cameraNames:Array = Camera.names;
                  numCameras = cameraNames ? cameraNames.length : 0;
                  if (numCameras > 0)
                      log("Cameras:");
                      for (i = 0; i < numCameras; i++)
                          var cameraName:String = cameraNames[i];
                          log((i + 1) + ". \"" + cameraName + "\"");
                  else
                      log("Camera not found.");
              else
                  log("Camera is not supported.");
              log("");
              if (Microphone.isSupported)
                  var microphoneNames:Array = Microphone.names;
                  numMicrophones = microphoneNames ? microphoneNames.length : 0;
                  if (numMicrophones > 0)
                      log("Microphones:");
                      for (i = 0; i < numMicrophones; i++)
                          var microphoneName:String = microphoneNames[i];
                          log((i + 1) + ". \"" + microphoneName + "\"");
                  else
                      log("Microphone not found.");
              else
                  log("Microphone is not supported.");
              log("");
              if (numCameras > 0 || numMicrophones > 0)
                  if (numCameras > 0)
                      var defaultCamera:Camera = Camera.getCamera();
                      var video:Video = new Video(1, 1);
                      addChild(video);
                      video.attachCamera(defaultCamera);
                      defaultCamera.muted ? devicesMutedInFlashPlayer() : devicesUnmutedInFlashPlayer();
                  else if (numMicrophones > 0)
                      var defaultMicrophone:Microphone = Microphone.getMicrophone();
                      defaultMicrophone.setLoopBack(true);
                      defaultMicrophone.muted ? devicesMutedInFlashPlayer() : devicesUnmutedInFlashPlayer();
                  else
                      log("No devices found for test.");
          private function devicesMutedInFlashPlayer():void
              log("Devices are muted in Flash Player.");
              log("Starting permission check timer...");
              timer = new Timer(100);
              timer.addEventListener(TimerEvent.TIMER, flashPlayerPermissionTimer_timerHandler);
              timer.start();
          private function flashPlayerPermissionTimer_timerHandler(event:TimerEvent):void
              var defaultCamera:Camera = Camera.getCamera();
              if (!isDevicesMutedInFlashPlayer())
                  timer.stop();
                  timer.removeEventListener(TimerEvent.TIMER, flashPlayerPermissionTimer_timerHandler);
                  timer = null;
                  devicesUnmutedInFlashPlayer();
          private function devicesUnmutedInFlashPlayer():void
              log("Devices are unmuted in Flash Player.");
              isDevicesMutedInBrowser() ? devicesMutedInBrowser() : devicesUnmutedInBrowser();
          private function devicesMutedInBrowser():void
              log("Devices are muted in browser.");
              log("Starting permission check timer...");
              timer = new Timer(100);
              timer.addEventListener(TimerEvent.TIMER, browserPermissionTimer_timerHandler);
              timer.start();
          private function browserPermissionTimer_timerHandler(event:TimerEvent):void
              scanHardware();
              if (!isDevicesMutedInBrowser())
                  timer.stop();
                  timer.removeEventListener(TimerEvent.TIMER, browserPermissionTimer_timerHandler);
                  timer = null;
                  devicesUnmutedInBrowser();
          private function devicesUnmutedInBrowser():void
              log("Devices are unmuted in browser.");
          private function isDevicesMutedInFlashPlayer():Boolean
              var cameraNames:Array = Camera.names;
              var numCameras:int = cameraNames ? cameraNames.length : 0;
              if (numCameras > 0)
                  var defaultCamera:Camera = Camera.getCamera();
                  return defaultCamera.muted;
              else
                  var microphoneNames:Array = Camera.names;
                  var numMicrophones:int = microphoneNames ? microphoneNames.length : 0;
                  if (numMicrophones > 0)
                      var defaultMicrophone:Microphone = Microphone.getMicrophone();
                      return defaultMicrophone.muted;
              return true;
          private function isDevicesMutedInBrowser():Boolean
              var cameraNames:Array = Camera.names;
              var numCameras:int = cameraNames.length;
              for (var i:int = 0; i < numCameras; i++)
                  var cameraName:String = cameraNames[i];
                  if (cameraName != " ")
                      return false;
              var microphoneNames:Array = Microphone.names;
              var numMicrophones:int = microphoneNames.length;
              for (i = 0; i < numMicrophones; i++)
                  var microphoneName:String = microphoneNames[i];
                  if (microphoneName != " ")
                      return false;
              return true;
          private function log(text:String):void
              output.appendText(text + "\n");
          private function updateView():void
              output.width = stage.stageWidth - 2 * output.x;
              output.height = stage.stageHeight - 2 * output.y;
          private function stage_resizeHandler(event:Event):void
              updateView();
  So, I wonder if it's a bug or some kind of new security feature implemented by Google Chrome team? Maybe someone already faced this problem and can share more info about it.
  For now it looks like modern browsers killing Flash with all that features and ugly solutions.
  PS: You can find some silly mistakes in my message. Sorry for my English.
  Updated code to check microphones also.

  After couple of tests I have found strange behavior of PPAPI Flash.
  The test was made with two SWFs working simultaneously on the same page. The first one was asking for device access like some regular application (by calling video.attachCamera). The second SWF was created/removed in cycle by JavaScript to avoid this thing:
  Scanning the hardware for cameras takes time. When the runtime finds at least one camera, the hardware is not scanned again for the lifetime of the player instance.
  I have made both SWFs to get all devices names and post them to screen. So I was able to see all changes regarding devices in first SWF (before and after permission granted) and in refreshable second SWF (each second). Also I have used scanHardware in both SWfs.
  I have found that second (refreshable) SWF got correct list of devices, but first one got only microphones. Camera names was empty.
  So it looks like we have another bug of PPAPI Flash here. I don't have another explanation for this. I mean, why do they need to update only microphones, but not cameras?

• Flash Player not working in Outlook 2007

  Hello,
  If I word something wrong, sorry in advance, this is my first time with this forum
  I have Vista 32 bit & Firefox. I am trying to watch the Outlook 2007 Tutorial, this is the message I get when
  I click to the next page: "Macromedia Flash Player 7 or later is required to play video Install flash Player"
  I have uninstalled flash player, Disabled security to Re-Install, I have check for Shockwave Object which I don't see in
  my add-ons, I have also updated my add ons. My computer is pretty new Dell XPS_420 and everything is up to date
  I think I have search for most answers, but just can't find one that works
  I hope someone can help
  ~Rita ^_^

  Imagine4103 wrote:
   Have a day filled with smiles
  Thank you - that is a very nice thing to say!
  In Firefox, type about:plugins into the address bar.  On the resulting list find Shockwave Flash - it should list something like this:
  File: NPSWF32.dll
  Version: 10.1.102.64
  Shockwave Flash 10.1 r102
  MIME Type Description Suffixes Enabled
  application/x-shockwave-flash
  Adobe Flash movie
  swf
  Yes
  application/futuresplash
  FutureSplash movie
  spl
  Yes

• HT1338 I'm having issues installing adobe flash player

  I just unpackaged my new Macbook Air. I went to use youtube and need to install flash player. It began the install and stopped at 52% and completed the install for google chrome. Any suggestions?

  You need the following version of Flash Player (for security reasons on your Mac):
  Try to download it from here:
  flashplayer

• Flash player 10 and roaming profile

  Hi,
  Some of my clients are having similar issues since they've upgraded from flash player version 9 to version 10. They all use roaming profile, i.e user documents and settings are stored on the server rather than individual machines.
  The problem is that when they log in my application their login is successful but they don't get past that stage. This is because upon login, the application tries to write into a shared object but I believe it fails to do so.
  If they revert back to Flash player 9, it's all fine. Client with no roaming profile don't experience this issue.
  Therefore I believe there are some changes in Flash player 10 security. What should I do ?
  Thanks

  Hi !
  I knew somebody from Adobe would finally reply
  Well, I've actually come across this bug report this afternoon ! And I've asked my client to try the suggested workarounds. That was his reply :
  ' These work arounds are no good I’m afraid.  These work arounds mean we have to mess around with file redirection which we don’t want to do.  The reason these work arounds do work is that there is a Desktop folder in the local profile.  When you re-direct the Desktop the local Desktop gets moved to the network.  If we then re-create a local Desktop folder we break folder re-direction and there is potential for the user to have the wrong desktop displayed, or have files stored locally on their PC not being backed up. '
  As you can see he's not so keen to change any network settings.
  Do you have any other suggestions ?
  Thanks

• Vulnerability in Flash player - Thanks Adobe!!

  "Flash is the No. 1 reason Macs crash" - Steve Jobs
  No kidding!
  http://news.cnet.com/8301-13506_3-20043248-17.html?tag=topTechContentWrap;editor Picks

  Some interesting facts on what Adobe Flash Player 10.3.x will include:
  http://blogs.adobe.com/flashplayer/2011/03/introducing-flash-player-10-3-beta.ht ml
  Integration with browser privacy controls for managing local storage – Users will have a simpler way to clear local storage from the browser settings interface – similar to how users clear their browser cookies today. Flash Player 10.3 integrates control of local storage with the browser’s privacy settings in Mozilla Firefox 4, Microsoft Internet Explorer 8 and higher, and future releases of Apple Safari and Google Chrome. See this related post we published in January.
  Native Control Panel – The Global Settings Manager is currently a SWF residing on macromedia.com, Flash Player 10.3 provides users with streamlined controls for managing their Flash Player privacy, security and storage settings. Windows, Mac, and Linux users can access the Flash Player Settings Manager directly from the Control Panels or System Preferences on their computers. See this related post we published in January.
  Auto-Update Notification for Mac OS – Flash Player 10.3 supports automatic notification of software updates on Mac OS, making it easier for Mac users to stay current with new capabilities in the latest version of Flash Player.

• HP printer software includes old flash player that poses critical security risks

  I would like to use the HP Solution Center for a Photosmart C309a printer but the HP software includes an older flash player (Adobe Flash Player 9.0 r115) that poses critical security risks.  
  HP includes this old flash version at:
  C:\Program Files (x86)\HP\Digital Imaging\help\player\FlashPla.exe
  Is there a way to update this HP program file to a safe version of Flash Player?
  I think this is a generec security issue, but if it helps I run Windows 7 64-bit.

  Hello dghdah,
  Welcome to the HP Forums, I hope you enjoy your experience! To help you get the most out of the HP Forums I would like to direct your attention to the HP Forums Guide First Time Here? Learn How to Post and More.
  I understand you are looking for an updated version of Adobe Flash Player to use with Solution Center. When you install the Solution Center, normally Windows would skip the older version as your OS may have an up to date version. If this is not the case and the older version installed, you would need to update the flash player. Below I have linked you to the Adobe website to complete the update.
  Adobe Flash Player Support Center
  Best wishes,
  R a i n b o w 7000I work on behalf of HP
  Click the “Kudos Thumbs Up" at the bottom of this post to say
  “Thanks” for helping!
  Click “Accept as Solution” if you feel my post solved your issue, it will help others find the solution!