Flash Player 9 (Flash Player 9,0,124,0) Security Update

Flash Player Update

Adobe hast just released (as a matter of fact on April 8 of 2008, but haven’t had the time to write this post until now) the Flash Player 9 (9,0,124,0), to strengthen the security of the player and to cover previous vulnerabilities.
This update will take effect on your content if:

You use sockets or XMLSockets, regardless of the domain to which you are connecting

You use addRequestHeader or URLRequest.requestHeaders in any network API call when sending or loading data cross-domain


You provide access to content on remote domains as a web service provider

You have SWFs that are exported for Flash Player 7 (SWF7) or earlier that communicate with the hosting HTML by any means

You use “javascript:” through network APIs to communicate outside a SWF
If any of this apply to your content read this article on Adobe’s Developer Connection it has indications of how to make the needed changes.
This security update will make the optional socket policy file changes introduced in Flash Player 9,0,115,0 mandatory.
Now the HTTP socket policy files will not longer allow socket access.

Flash Player has two types of policy files: HTTP policy files that are crossdomain.xml files on a server and define whether SWFs from other domains can load that server’s content; and socket policy files, which define what ports Flash Player can connect to via socket or XMLSocket connections. In the latest Flash Player, the rules regarding socket policy files have changed.
Be sure to read more of this on Adobe Developer Center so the changes go smoothly in case your content needs any.
Happy Upgrading 😀

Download the latest Flash Player (Flash Player 9,0,124,0) here.
And for developers download the Flash Player (Flash Player 9,0,124,0) debugger versions here.
This Tech Note may be of help in the case you need to uninstall the player before upgrading.

Author: Dave Gamez

Digital Craftsman from México and have more than 14 years of experience both in design and development in the digital field. I currently work in web, desktop, mobile and illustration projects alike and spend my time between being Technology Director at Team-O a Digital Studio I co-founded with Cecy Meade and doing consultancy work, when time allows it I like to experiment and tinker with code, animation and illustration.