Microsoft security advisory: Update for vulnerabilities in Adobe Flash Player in Internet Explorer and Microsoft Edge: October 19, 2015

Summary
Microsoft has released a security advisory for IT professionals about vulnerabilities in Adobe Flash Player in the following web browsers:
  • Internet Explorer in Windows 8, Windows Server 2012, Windows 8.1, Windows Server 2012 R2, Windows 10, and the Windows 10 Insider Preview
  • Microsoft Edge in Windows 10 and the Windows 10 Insider Preview
To learn more about the vulnerability, see Microsoft security advisory 2755801.
More information
Important
  • All future security and nonsecurity updates for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 require update 2919355 to be installed. We recommend that you install update 2919355 on your Windows RT 8.1-based, Windows 8.1-based, or Windows Server 2012 R2-based computer so that you receive future updates.
  • If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.
How to obtain and install the update

Method 1: Windows Update

This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, seeGet security updates automatically.

Note For Windows 10, Windows 10 Insider Preview, Windows RT, and Windows RT 8.1, this update is available through Windows Update only.

Method 2: Microsoft Download Center

You can obtain the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.

Click the download link in the following table that corresponds to the version of Windows that you are running. Find out whether your computer is running the 32- or 64-bit version of Windows

Update for Internet Explorer Flash Player for Windows 8.1 (KB3105216)

DownloadDownload the Windows8.1-KB3105216-x86.msu package now.

Update for Internet Explorer Flash Player for Windows 8.1 x64-based systems (KB3105216)

DownloadDownload the Windows8.1-KB3105216-x64.msu package now.

Update for Internet Explorer Flash Player for Windows 8 (KB3105216)

DownloadDownload the Windows8-RT-KB3105216-x86.msu package now.

Update for Internet Explorer Flash Player for Windows 8 x64-based systems (KB3105216)

DownloadDownload the Windows8-RT-KB3105216-x64.msu package now.

Update for Internet Explorer Flash Player for Windows Server 2012 (KB3105216)

DownloadDownload the Windows8-RT-KB3105216-x64.msu package now.

Update for Internet Explorer Flash Player for Windows Server 2012 R2 (KB3105216)

DownloadDownload the Windows8.1-KB3105216-x64.msu package now.


Release Date: October 19, 2015

For more information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base:
119591 How to obtain Microsoft support files from online services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.
More information

Detection and deployment tools and guidance

Security Central

You can manage the software and security updates that you have to deploy to the servers, desktops, and mobile systems in your organization. For more information, see the TechNet Update Management Center. TheMicrosoft TechNet Security website provides more information about security in Microsoft products.

Security updates are available fromMicrosoft Update andWindows Update. Security updates are also available from theMicrosoft Download Center. You can find security updates most easily by doing a keyword search for "security update."

You can download security updates from theMicrosoft Update Catalog. The Microsoft Update Catalog provides a searchable catalog of content that is made available through Windows Update and Microsoft Update. This includes security updates, drivers, and service packs. For more information about the Microsoft Update Catalog, see theMicrosoft Update Catalog FAQ.

Detection and deployment guidance

Microsoft provides detection and deployment guidance for security updates. This guidance contains recommendations and information that can help IT professionals understand how to use various tools for detection and deployment of security updates. For more information, seeMicrosoft Knowledge Base article 961747.

Microsoft Baseline Security Analyzer

Microsoft Baseline Security Analyzer (MBSA) lets administrators scan local and remote systems for missing security updates and common security misconfigurations. For more information, seeMicrosoft Baseline Security Analyzer.

The following table provides the MBSA detection summary for this security update.
SoftwareMBSA
Windows 8 and Windows 8.1 for 32-bit systems No
Windows 8 and Windows 8.1 for 64-bit systemsNo
Windows Server 2012 and Windows Server 2012 R2No
Note Customers who use legacy software that is not supported by the latest release of MBSA, Microsoft Update, and Windows Server Update Services should see the "Legacy Product Support" section ofMicrosoft Baseline Security Analyzer. Here they will find information about how to create comprehensive security update detection by using legacy tools.

Windows Server Update Services

Windows Server Update Services (WSUS) lets information technology administrators deploy the latest Microsoft product updates to computers that are running Windows. For more information about how to deploy security updates by using Windows Server Update Services, see the following Microsoft TechNet article:

Systems Management Server

The following table provides the Microsoft Systems Management Server (SMS) detection and deployment summary for this security update.
SoftwareSMS 2003 with ITMUSystem Center Configuration Manager
Windows 8 and Windows 8.1 for 32-bit systems NoYes
Windows 8 and Windows 8.1 for 64-bit systemsNoYes
Windows Server 2012 and Windows Server 2012 R2NoYes
Note Microsoft discontinued support for SMS 2.0 on April 12, 2011. For SMS 2003, Microsoft also discontinued support for the Security Update Inventory Tool (SUIT) on April 12, 2011. Customers are encouraged to upgrade toSystem Center Configuration Manager. For customers who remain on SMS 2003 Service Pack 3, the Inventory Tool for Microsoft Updates (ITMU) is also an option.

For SMS 2003, the SMS 2003 Inventory Tool for Microsoft Updates (ITMU) can be used by SMS to detect security updates that are offered byMicrosoft Update and that are supported byWindows Server Update Services. For more information, see Systems Management Server 2003. For more information about SMS scanning tools, seeSystems Management Server 2003 Software Update Scanning Tools. See also Downloads for Systems Management Server 2003.

System Center Configuration Manager uses WSUS 3.0 for detection of updates. For more information, seeSystem Center.

For detailed information, seeMicrosoft Knowledge Base article 910723: Summary list of monthly detection and deployment guidance articles.

Update Compatibility Evaluator and Application Compatibility Toolkit

Updates frequently write to the same files and registry settings that are required for your applications to run. This can trigger incompatibilities and increase the time that is required to deploy security updates. You can streamline the testing and validating of Windows updates against installed applications by using theUpdate Compatibility Evaluator components that are included in Application Compatibility Toolkit.

The Application Compatibility Toolkit (ACT) contains the necessary tools and documentation to evaluate and decrease application compatibility issues before you deploy Windows Vista, a Windows update, a Microsoft Security update, or a new version of Windows Internet Explorer in your environment.

Security update deployment

Windows 8 and Windows 8.1 (all editions)

Reference table
The following table contains the security update information for this software. You can find more information in the "Deployment information" section.
DeploymentInformation
Installing without requiring user interventionFor Adobe Flash Player in Internet Explorer 10 on all supported 32-bit editions of Windows 8:
Windows8-RT-KB3105216-x86.msu /quiet
For Adobe Flash Player in Internet Explorer 10 on all supported x64-based editions of Windows 8:
Windows8-RT-KB3105216-x64.msu /quiet
For Adobe Flash Player in Internet Explorer 11 on all supported 32-bit editions of Windows 8.1:
Windows8.1-KB3105216-x86.msu /quiet
For Adobe Flash Player in Internet Explorer 11 on all supported x64-based editions of Windows 8.1:
Windows8.1-KB3105216-x64.msu /quiet
Installing without restartingFor Adobe Flash Player in Internet Explorer 10 on all supported 32-bit editions of Windows 8:
Windows8-RT-KB3105216-x86.msu /quiet /norestart
For Adobe Flash Player in Internet Explorer 10 on all supported xx64-based editions of Windows 8:
Windows8-RT-KB3105216-x64.msu /quiet /norestart
For Adobe Flash Player in Internet Explorer 11 on all supported 32-bit editions of Windows 8.1:
Windows8.1-KB3105216-x86.msu /quiet /norestart
For Adobe Flash Player in Internet Explorer 11 on all supported x64-based editions of Windows 8.1:
Windows8.1-KB3105216-x64.msu /quiet /norestart
More informationSee the "Detection and deployment tools and guidance" subsection.
Restart requirementIn some cases, this update does not require a restart. If the required files are being used, this update requires a restart. If this behavior occurs, you receive a message that advises you to restart. To help reduce the possibility that a restart will be required, you should stop all affected services and close all applications that may use the affected files before you install the security update. For more information about why you may be prompted to restart, seeMicrosoft Knowledge Base Article 887012.
HotpatchingNot applicable
Removal informationTo uninstall an update that was installed by WUSA, use the /Uninstall setup switch. Or, click Control Panel, click System and Security, click View installed updates under Windows Update, and then select from the list of updates.
Registry key verificationThere is no registry key to validate the presence of this update.
Inclusion in future service packsThe update for this issue will be included in a future service pack or update rollup.

Deployment information

Installing the update
When you install this security update, the installer checks whether one or more of the files that are being updated on your system have previously been updated by a Microsoft hotfix.

For more information about the terminology that appears in this Knowledge Base article, such as "hotfix," seeMicrosoft Knowledge Base article 824684.

This security update supports the following installation switches.
SwitchDescription
/?, /h, /helpDisplays help about supported switches.
/quietSuppresses the display of status or error messages.
/norestartWhen it is combined with /quiet, the system is not restarted after installation even if a restart is required to complete installation.
/warnrestart:<seconds>When it is combined with /quiet, the installer warns the user before it begins the restart.
/promptrestartWhen it is combined with /quiet, the installer prompts before it begins restart.
/forcerestartWhen it is combined with /quiet, the installer forcibly closes applications and begins the restart.
/log:<file name>Enables logging to the specified file.
/extract:<destination>Extracts the package contents to the destination folder.
/uninstall /kb:<KB number>Uninstalls the security update.
Note For more information about the Wusa.exe installer, see the "Windows Update Stand-alone Installer" section in the TechNet articleMiscellaneous Changes in Windows 7.
Verifying that the update was applied
Because there are several editions of Windows, the following steps may be different on your system. If they are different, see your product documentation to complete these steps.

Verifying the file version
  1. Click Start, and then type an update file name in the Search box.
  2. When the file appears under Programs, right-click the file name, and then click Properties.
  3. On the General tab, compare the file size with the file information tables that are provided in the Microsoft Knowledge Base article.

    Note Depending on the edition of the operating system or the programs that are installed on your system, some files that are listed in the file information table may not be installed.
  4. You can also click the Details tab and compare information, such as file version and date changed, with the file information tables that are provided in the Microsoft Knowledge Base article.

    Note Attributes other than the file version may change during installation. Comparing other file attributes to the information in the file information table is not a supported method of verifying that the update was applied. Also, in certain cases, files are renamed during installation. If the file or version information does not exist, use one of the other available methods to verify update installation.
  5. Finally, you can also click the Previous Versions tab and compare file information for the earlier version of the file together with the file information for the new, or updated, version of the file.

Windows Server 2012 and Windows Server 2012 R2 (all editions)

Reference table
The following table contains the security update information for this software. You can find more information in the "Deployment information" subsection in this section.
DeploymentInformation
Installing without requiring user interventionFor Adobe Flash Player in Internet Explorer 10 on all supported editions of Windows Server 2012:
Windows8-RT-KB3105216-x64.msu /quiet
For Adobe Flash Player in Internet Explorer 11 on all supported editions of Windows Server 2012 R2:
Windows8.1-KB3105216-x64.msu /quiet
Installing without restartingFor Adobe Flash Player in Internet Explorer 10 on all supported editions of Windows Server 2012:
Windows8-RT-KB3105216-x64.msu /quiet /norestart
For Adobe Flash Player in Internet Explorer 11 on all supported editions of Windows Server 2012 R2:
Windows8.1-KB3105216-x64.msu /quiet /norestart
More informationSee the "Detection and deployment tools and Guidance" subsection.
Restart requirementIn some cases, this update does not require a restart. If the required files are being used, this update requires a restart. If this behavior occurs, you receive a message that advises you to restart. To help reduce the possibility that a restart will be required, you should stop all affected services and close all applications that may use the affected files before you install the security update. For more information about why you may be prompted to restart, seeMicrosoft Knowledge Base article 887012.
HotpatchingNot applicable
Removal informationTo uninstall an update that was installed by WUSA, use the /Uninstall setup switch. Or, click Control Panel, click System and Security, click View installed updates under Windows Update, and then select from the list of updates.
Registry key verification

A registry key does not exist to validate the presence of this update.
Inclusion in future service packsThe update for this issue will be included in a future service pack or update rollup.

Deployment information

Installing the update
When you install this security update, the installer checks whether one or more of the files that are being updated on your system were previously updated by a Microsoft hotfix.

For more information about the terminology that appears in this Knowledge Base article, such as "hotfix," seeMicrosoft Knowledge Base article 824684.

This security update supports the following installation switches.
SwitchDescription
/?, /h, /helpDisplays help about supported switches.
/quietSuppresses the display of status or error messages.
/norestartWhen it is combined with/quiet, the system does not restart after the installation even if a restart is required to complete installation.
/warnrestart:<seconds>When it is combined with /quiet, the installer warns the user before it begins the restart.
/promptrestartWhen it is combined with /quiet, the installer prompts the user before it begins the restart.
/forcerestartWhen it is combined with /quiet, the installer forcibly closes applications and begins the restart.
/log:<file name>Enables logging to the specified file.
/extract:<destination>Extracts the package contents to the destination folder.
/uninstall /kb:<KB number>Uninstalls the security update.
Note For more information about the Wusa.exe installer, see "Windows Update Stand-alone Installer" in the following Microsoft TechNet article:
Verifying that the update was applied
Because there are several editions of Windows, the following steps may be different in your system. If they are different, see your product documentation to complete these steps.

Verifying the file version
  1. Click Start, and then type an update file name in the Start Search box.
  2. When the file appears under Programs, right-click the file name, and then click Properties.
  3. On the General tab, compare the file size with the file information tables that are provided in the Knowledge Base article.

    Note Depending on the edition of the operating system or the programs that are installed in your system, some files that are listed in the file information table may not be installed.
  4. You can also click the Details tab to compare information, such as file version and date changed, with the file information tables that are provided in the Knowledge Base article.

    Note Attributes other than the file version may change during installation. Comparing other file attributes to the information in the file information table is not a supported method of verifying that the update was applied. Also, in certain cases, files may be renamed during installation. If the file or version information does not exist, use one of the other available methods to verify update installation.
  5. Finally, you can also click the Previous Versions tab, and then compare file information for the earlier version of the file with the file information for the new or updated version of the file.

File information

The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

For Internet Explorer Flash Player for x86-based versions of Windows 10 (KB3105216)

File nameFile versionFile sizeDateTimePlatform
Activex.vchNot Applicable611,20616-Oct-201503:10Not Applicable
Flash.ocx19.0.0.22619,270,64016-Oct-201503:10x86
Flashplayerapp.exe19.0.0.226810,48816-Oct-201503:10x86
Flashplayercplapp.cpl19.0.0.226176,63216-Oct-201503:10Not Applicable
Flashutil_activex.dll19.0.0.226550,39216-Oct-201503:10x86
Flashutil_activex.exe19.0.0.2261,214,96816-Oct-201503:10x86

For Internet Explorer Flash Player for x64-based versions of Windows 10 (KB3105216)

File nameFile versionFile sizeDateTimePlatform
Activex.vchNot Applicable145,71816-Oct-201503:10Not Applicable
Flash.ocx19.0.0.22625,207,79216-Oct-201503:10x64
Flashutil_activex.dll19.0.0.226622,58416-Oct-201503:10x64
Flashutil_activex.exe19.0.0.226882,68016-Oct-201503:10x64
Activex.vchNot Applicable611,20616-Oct-201503:10Not Applicable
Flash.ocx19.0.0.22619,270,64016-Oct-201503:10x86
Flashplayerapp.exe19.0.0.226810,48816-Oct-201503:10x86
Flashplayercplapp.cpl19.0.0.226176,63216-Oct-201503:10Not Applicable
Flashutil_activex.dll19.0.0.226550,39216-Oct-201503:10x86
Flashutil_activex.exe19.0.0.2261,214,96816-Oct-201503:10x86

For Internet Explorer Flash Player for x86-based versions of Windows 8.1 (KB3105216)

File nameFile versionFile sizeDateTimePlatform
Activex.vchNot Applicable611,20616-Oct-201504:51Not Applicable
Flash.ocx19.0.0.22619,270,64016-Oct-201504:51x86
Flashplayerapp.exe19.0.0.226810,48816-Oct-201504:51x86
Flashplayercplapp.cpl19.0.0.226176,63216-Oct-201504:51Not Applicable
Flashutil_activex.dll19.0.0.226550,39216-Oct-201504:51x86
Flashutil_activex.exe19.0.0.2261,214,96816-Oct-201504:51x86

For Internet Explorer Flash Player for x64-based versions of Windows 8.1 and Windows Server 2012 R2 (KB3105216)

File nameFile versionFile sizeDateTimePlatform
Activex.vchNot Applicable145,71816-Oct-201504:51Not Applicable
Flash.ocx19.0.0.22625,207,79216-Oct-201504:51x64
Flashutil_activex.dll19.0.0.226622,58416-Oct-201504:51x64
Flashutil_activex.exe19.0.0.226882,68016-Oct-201504:51x64
Activex.vchNot Applicable611,20616-Oct-201504:51Not Applicable
Flash.ocx19.0.0.22619,270,64016-Oct-201504:51x86
Flashplayerapp.exe19.0.0.226810,48816-Oct-201504:51x86
Flashplayercplapp.cpl19.0.0.226176,63216-Oct-201504:51Not Applicable
Flashutil_activex.dll19.0.0.226550,39216-Oct-201504:51x86
Flashutil_activex.exe19.0.0.2261,214,96816-Oct-201504:51x86

For Internet Explorer Flash Player for x86-based versions of Windows 8 (KB3105216)

File nameFile versionFile sizeDateTimePlatform
Activex.vchNot Applicable611,20616-Oct-201506:35Not Applicable
Flash.ocx19.0.0.22619,270,10416-Oct-201506:35x86
Flashplayerapp.exe19.0.0.226809,94416-Oct-201506:35x86
Flashplayercplapp.cpl19.0.0.226176,09616-Oct-201506:35Not Applicable
Flashutil_activex.dll19.0.0.226549,85616-Oct-201506:35x86
Flashutil_activex.exe19.0.0.2261,214,42416-Oct-201506:35x86
Activex.vchNot Applicable611,20616-Oct-201506:36Not Applicable
Flash.ocx19.0.0.22619,270,10416-Oct-201506:36x86
Flashplayerapp.exe19.0.0.226809,94416-Oct-201506:36x86
Flashplayercplapp.cpl19.0.0.226176,09616-Oct-201506:36Not Applicable
Flashutil_activex.dll19.0.0.226549,85616-Oct-201506:36x86
Flashutil_activex.exe19.0.0.2261,214,42416-Oct-201506:36x86

For Internet Explorer Flash Player for x64-based versions of Windows 8 and Windows Server 2012 (KB3105216)

File nameFile versionFile sizeDateTimePlatform
Activex.vchNot Applicable145,71816-Oct-201506:35Not Applicable
Flash.ocx19.0.0.22625,207,25616-Oct-201506:35x64
Flashutil_activex.dll19.0.0.226622,04816-Oct-201506:35x64
Flashutil_activex.exe19.0.0.226882,14416-Oct-201506:35x64
Activex.vchNot Applicable145,71816-Oct-201506:36Not Applicable
Flash.ocx19.0.0.22625,207,25616-Oct-201506:36x64
Flashutil_activex.dll19.0.0.226622,04816-Oct-201506:36x64
Flashutil_activex.exe19.0.0.226882,14416-Oct-201506:36x64
Activex.vchNot Applicable611,20616-Oct-201506:35Not Applicable
Flash.ocx19.0.0.22619,270,10416-Oct-201506:35x86
Flashplayerapp.exe19.0.0.226809,94416-Oct-201506:35x86
Flashplayercplapp.cpl19.0.0.226176,09616-Oct-201506:35Not Applicable
Flashutil_activex.dll19.0.0.226549,85616-Oct-201506:35x86
Flashutil_activex.exe19.0.0.2261,214,42416-Oct-201506:35x86
Activex.vchNot Applicable611,20616-Oct-201506:36Not Applicable
Flash.ocx19.0.0.22619,270,10416-Oct-201506:36x86
Flashplayerapp.exe19.0.0.226809,94416-Oct-201506:36x86
Flashplayercplapp.cpl19.0.0.226176,09616-Oct-201506:36Not Applicable
Flashutil_activex.dll19.0.0.226549,85616-Oct-201506:36x86
Flashutil_activex.exe19.0.0.2261,214,42416-Oct-201506:36x86

File hash information

Package NamePackage Hash SHA 1Package Hash SHA 2
Windows10.0-KB3105216-x64.msuC58098393C74D350A257574D03AF33D505E3DE76F398ECCA199999C0794C9784D34EF6B31CFA7839223928C29FDEA2A6930BC78F
Windows10.0-KB3105216-x86.msu838684FB4637CFFCE182199101FAC767F812A92F151104E2FDFCDE74FAB2811BF744B3E7990B61E2E6EAF5FF26BF3F0D3C7F8A80
Windows8-RT-KB3105216-x64.msu3B1B54D7EA3445D0C415731A868F33B30A229FA05032F7A074FF5C2620F86F46E1B91660DA8B0BB571A70A7610CEF6851123B2F3
Windows8-RT-KB3105216-x86.msu24DAEAB7F3C146F18D370D13C0EB3F78BCC48483AB676BCE203FD6CBAD6A42C4FC99FE5854287DEAACE9DC9DF44AC5E7061EEBF2
Windows8.1-KB3105216-x64.msuFB80E02EF25FABCF0263EEB4CE07E265077722372E7453D62BA23AF9617189DFFAB31E2FFEEC54C74F6D0E08FA3D760383963DB1
Windows8.1-KB3105216-x86.msu28D9A6F5F3AD0FE4E4AF44B2EB7B358270B957F6119E4C4F726DF33703BBFB89F57B0582F1D9493D6BC3ED5A521485DDE7B55B1D
update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE
Properties

Article ID: 3105216 - Last Review: 01/20/2016 19:57:00 - Revision: 2.0

Windows 10 Education, released in July 2015, Windows 10 Enterprise, released in July 2015, Windows 10 Home, released in July 2015, Windows 10 Pro, released in July 2015, Windows RT 8.1, Windows 8.1, Windows 8.1 Enterprise, Windows 8.1 Pro, Windows Server 2012 R2 Datacenter, Windows Server 2012 R2 Essentials, Windows Server 2012 R2 Foundation, Windows Server 2012 R2 Standard, Windows RT, Windows 8, Windows 8 Enterprise, Windows 8 Pro, Windows Server 2012 Datacenter, Windows Server 2012 Essentials, Windows Server 2012 Foundation, Windows Server 2012 Standard

  • atdownload kbfix kbexpertiseinter kbinfo kbsecadvisory kbsecurity kbsecvulnerability KB3105216
Feedback