Version 21.0.1180.60 of Google Chrome was released yesterday. The new version includes several security updates as well as some new features.
Since I originally posted this, I learned that Adobe released version 11.3.300.268 to address this problem. It remains to be seen whether the problem has actually been resolved.
The latest version (11.3.300.265) of the ubiquitous Flash plugin found in most web browsers seems to be causing web browsers running on Windows 7 and Vista to crash. A quick search of Google shows that there are reports of this happening in Firefox, Chrome and Opera. Internet Explorer seems unaffected so far, possibly due to the fact that IE uses a separate (ActiveX) version of the Flash player.
Reports indicate that Mozilla is working with Adobe to resolve this problem, and presumably the other browser developers are doing the same. Meanwhile, if you’re running Windows 7 and you watch video on the web, you may run into this problem. As awful as it sounds, the only useful workaround at this point is to switch – temporarily – to Internet Explorer.
I’ve been digging through reports from all over the web, and it looks like this problem has actually been going on since as far back as 2009 and Flash 10.0.42.34. Internet Explorer may also be affected, although recent reports seem to exclude IE. Some reports imply that only 64 bit versions of Windows are affected. There are even reports that Windows XP and Mac OSX are affected. But it seems clear that something happened to Flash in version 10 that made it unstable in web browsers on Windows 7 and Vista, and the problem still exists in the most recent version of Flash, 11.3.300.265. It’s possible we’re looking at more than one problem, or one that has morphed somewhat as the Adobe developers try to fix it. An old problem that was previously fixed may have reappeared when Adobe changed something in a later version. Clearly, not all Windows 7 users are affected; if everyone who uses Youtube (the highest-profile Flash video source) on Windows 7 was having this problem, we would have heard more about it by now.
The problem seems to take slightly different forms: it may crash the browser; the plugin itself may crash, leaving the browser running; and in some cases Windows may crash. The web browser may freeze for a few minutes before any crash occurs, and Windows may become unresponsive. In most cases, the problem occurs after two or three minutes of Flash video, but it make take up to fifteen minutes. The most common scenarios involve long Youtube videos and Facebook games (both use Flash).
Here are some of the more interesting problem reports I’ve found:
- Try Internet Explorer. I know, yuck. But it’s only temporary.
- Uninstall all Flash software, then install Flash 9. This ancient version is apparently the last one that didn’t have these crashing problems. Again, this is temporary. You should upgrade to the latest version once Adobe finally fixes this problem.
- Adobe recommends uninstalling both Flash and Shockwave, then rebooting your PC, then installing the latest versions of Flash and Shockwave.
- Disable your anti-virus software. This is not recommended, although it may be useful as a test.
- Disable all non-Microsoft startup programs using MSCONFIG. If that works, re-enable each startup program one at a time until the problem recurs.
- Disable hardware acceleration in the Flash settings.
- Disable “Enable Web Download & Recording for these installed browsers” in RealPlayer (yes, in Realplayer). Some recent Flash installers include a link to a page on the Adobe support site about an incompatibility between Flash and RealPlayer, and this is the recommended solution.
- Revert to Flash version 10.3.183.20.
Prediction: if Adobe doesn’t figure this out, and Google has heard enough complaints about it, Google might be inclined to switch Youtube from Flash to HTML5. Everyone else in the world will follow Youtube, and then Flash will disappear forever and not be missed.
Update 2012Aug03: Adobe snuck a Flash update past me on July 26. Version 11.3.300.268 attempts to address crashing problems that occur on Windows and Mac computers when playing Flash content. Adobe doesn’t seem to be convinced that the problem is resolved, however: in the version announcement, they ask users for assistance in troubleshooting the problem.
A new version of Firefox was released yesterday: 14.0.1. You can download the new version from the Mozilla site.
This new version contains fixes for several security vulnerabilities, as outlined on the Firefox security advisories page.
The new version also sports several new features, including secure search, which changes the search bar to use secure searching if available. This follows Google’s recent change to use secure search by default for users logged in to Google. Secure browsing is now shown by a lock icon at the far left of the address bar, which replaces the favicon previously shown there.
The official release announcement for version 14.0.1 contains all the details.
Google has released a new version of its Chrome web browser: 20.0.1132.57, for Windows, Mac and Linux. The new version includes several security fixes, an update to Flash player and some stability/bug fixes.
Chrome typically updates itself with minimal fuss when it detects that a new version is available. You can also download the current version from the Chrome site.
One of the updates in the July 2012 Patch Tuesday collection was actually a ‘Fix-It’ that simply disables the ‘Sidebar’ and ‘Gadgets’ features of Windows Vista and Windows 7.
This drastic step was taken by Microsoft to address the general vulnerability of the Sidebar and Gadgets. Anyone who uses these features must choose between a) disabling them; and b) continuing to use them and risking the security of their computer.
The details are in Microsoft Security Advisory 2719662.
Windows computers configured for auto update should receive these patches in the next 24 hours. If you are responsible for any Windows computers that don’t use auto update, you should run Microsoft Update on those computers as soon as possible. If you’d like to avoid using Internet Explorer (required for Microsoft Update), you can download the updates as a disc image. For the technical details, here are links to all eleven of this month’s bulletins:
Microsoft has released its monthly “head’s up” for the Windows and Office updates scheduled to arrive on July 10, 2012.
There are nine bulletins/updates in total, ranging in impact from Important to Critical, affecting Windows (XP and newer) and Office (2003 and newer). One of the critical updates affects only Internet Explorer 9. Another addresses the Windows XML Core Services (MSXML) vulnerability that has been exploited increasingly in recent weeks. A total of 16 vulnerabilities will be addressed by these updates. An updated version of the Malicious Software Removal Tool is also included. A system restart will be required.
Windows computers configured for auto update should start seeing these patches in the early hours of July 10. If you are responsible for any Windows computers that don’t use auto update, you should run Microsoft Update on those computers as soon as possible after July 10. If you’d like to avoid using Internet Explorer (required for Microsoft Update), you can download the updates as a disc image. Microsoft no longer provides a web-based resource for system administrators to download offline updates.