The THIRD version of the Adobe Flash Player plug-in within two weeks is now available. It is critical to UPDATE NOW.
Today's current version of Flash Player plug-in is:
All other versions are being exploited in the wild. Get rid of them now. Or just get rid of Flash altogether.
Adobe's Security Bulletin regarding this update is here:
UPDATE (January 24): Users who have enabled auto-update for the Flash Player desktop runtime will be receiving version 188.8.131.526 beginning on January 24. This version includes a fix for CVE-2015-0311. Adobe expects to have an update available for manual download during the week of January 26, and we are working with our distribution partners to make the update available in Google Chrome and Internet Explorer 10 and 11.~ ~ ~ ~ ~
Adobe is initially pushing out this Critical update via it's Flash Player preferences pane. (Gawd knows why. I consider it laziness). Therefore, here are:
Instructions For Updating Flash Via System Preferences
2) In the lowest area of System Preferences, find the 'Flash Player' preferences icon and click it. (If you don't have the Flash Player preference pane installed, you either have an ancient version of Flash Player installed or you don't have it installed at all, good for you).
3) In the resulting Flash Player preferences pane, click the 'Advanced' tab.
4) Look down the pane to the 'Updates' area.
5) Click on 'Check Now'.
This will trigger looking for the latest version of Flash Player for OS X. If you need to update, the download and installation process will start. You'll need to close your web browsers for the installation to complete. You can open them again after.
~ ~ ~ ~ ~
Following the instructions above, at least as of today, you should see this:
Note the listed version of the Flash Player plug-in. 184.108.40.2066. Further updates will show newer version numbers.
(You may wish to change the radio button from 'Allow Adobe to install updates (recommended)' to 'Notify me to install updates'. I personally choose the second option because the first option requires Adobe's annoying launch daemon to be running 24/7).
BTW: NPAPI and PPAPI are competing Internet plug-in standards. Google created PPAPI and use it in the Chromium web browsers, including Opera. No other web browsers bother with it. Everyone else uses the NPAPI standard. You can ignore 'PPAPI Plug-in is not installed.'
~ ~ ~ ~ ~
Are you sick of Adobe Flash Player security rubbish going on and on as if forever? Tell Adobe about it:
Contact | Adobe
Click 'Contact Customer Care'.
Click 'Adobe Flash Player'
Click 'How-to's and troubleshooting'
Click 'Still need help? Contact us.'
This forces you to go to the Adobe Flash Player Forum.
OR go directly to the Flash Player forum:
Check if a topic specific to Flash Player security hell has already been started. If not, start your own.
OR choose an Adobe office near you and call them:
--Thank you, as always, to my Mac security friend Al V for his help!