Microsoft security advisory: Update for vulnerabilities in Adobe Flash Player in Internet Explorer: February 5, 2015

Work anywhere from any device with Microsoft 365

Upgrade to Microsoft 365 to work anywhere with the latest features and updates.

Upgrade now


Microsoft Knowledge Base article 3037975 redirects you to this article because that article describes the same Windows 10 Technical Preview security updates that are included in this security update.

INTRODUCTION

Microsoft has released a security advisory about this issue for IT professionals. This security advisory contains additional security-related information. To view the security advisory, go to the following Microsoft website:

https://technet.microsoft.com/security/advisory/2755801

More Information

Known issues with this security update

  • Windows Update will not offer this security update to Windows RT-based computers until update 2808380 is installed. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

    2808380 Windows RT-based device cannot download software updates or Windows Store apps

Resolution

The following files are available for download from the Microsoft Download Center:

Update for Internet Explorer Flash Player for Windows 8.1 (KB3021953)

Download the Windows8.1-KB3021953-x86.msu package now.

Update for Internet Explorer Flash Player for Windows 8.1 x64-based systems (KB3021953)

Download the Windows8.1-KB3021953-x64.msu package now.

Update for Internet Explorer Flash Player for Windows 8 (KB3021953)

Download the Windows8-RT-KB3021953-x86.msu package now.

Update for Internet Explorer Flash Player for Windows 8 x64-based systems (KB3021953)

Download the Windows8-RT-KB3021953-x64.msu package now.

Update for Internet Explorer Flash Player for Windows Server 2012 (KB3021953)

Download the Windows8-RT-KB3021953-x64.msu package now.

Update for Internet Explorer Flash Player for Windows Server 2012 R2 (KB3021953)

Download the Windows8.1-KB3021953-x64.msu package now.

Release Date: February 5, 2015

For more information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base:

119591 How to obtain Microsoft support files from online servicesMicrosoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.


Note Windows Technical Preview and Windows Server Technical Preview are affected. Customers who are running these operating systems are encouraged to apply the update from Windows Update.

Update information

Security CentralYou can manage the software and security updates that you have to deploy to the servers, desktops, and mobile systems in your organization. For more information, see the TechNet Update Management Center. The
Microsoft TechNet Security website provides more information about security in Microsoft products.

Security updates are available from
Microsoft Update and
Windows Update. Security updates are also available from the
Microsoft Download Center. You can find security updates most easily by doing a keyword search for "security update."

You can download security updates from the
Microsoft Update Catalog. The Microsoft Update Catalog provides a searchable catalog of content that is made available through Windows Update and Microsoft Update. This includes security updates, drivers, and service packs. For more information about the Microsoft Update Catalog, see the
Microsoft Update Catalog FAQ.

Detection and deployment guidanceMicrosoft provides detection and deployment guidance for security updates. This guidance contains recommendations and information that can help IT professionals understand how to use various tools for detection and deployment of security updates. For more information, see
Microsoft Knowledge Base article 961747.

Microsoft Baseline Security AnalyzerMicrosoft Baseline Security Analyzer (MBSA) lets administrators scan local and remote systems for missing security updates and common security misconfigurations. For more information, see
Microsoft Baseline Security Analyzer.

The following table provides the MBSA detection summary for this security update.

Software

MBSA

Windows 8 and Windows 8.1 for 32-bit systems

No

Windows 8 and Windows 8.1 for 64-bit systems

No

Windows Server 2012 and Windows Server 2012 R2

No

Note Customers who use legacy software that is not supported by the latest release of MBSA, Microsoft Update, and Windows Server Update Services should see the "Legacy Product Support" section of
Microsoft Baseline Security Analyzer. Here they will find information about how to create comprehensive security update detection by using legacy tools.

Windows Server Update ServicesWindows Server Update Services (WSUS) lets information technology administrators deploy the latest Microsoft product updates to computers that are running Windows. For more information about how to deploy security updates by using Windows Server Update Services, see the following Microsoft TechNet article:

Windows Server Update Services

Systems Management ServerThe following table provides the Microsoft Systems Management Server (SMS) detection and deployment summary for this security update.

Software

SMS 2003 with ITMU

System Center Configuration Manager

Windows 8 and Windows 8.1 for 32-bit systems

No

Yes

Windows 8 and Windows 8.1 for 64-bit systems

No

Yes

Windows Server 2012 and Windows Server 2012 R2

No

Yes

Note Microsoft discontinued support for SMS 2.0 on April 12, 2011. For SMS 2003, Microsoft also discontinued support for the Security Update Inventory Tool (SUIT) on April 12, 2011. Customers are encouraged to upgrade to
System Center Configuration Manager. For customers who remain on SMS 2003 Service Pack 3, the Inventory Tool for Microsoft Updates (ITMU) is also an option.

For SMS 2003, the SMS 2003 Inventory Tool for Microsoft Updates (ITMU) can be used by SMS to detect security updates that are offered by
Microsoft Update and that are supported by
Windows Server Update Services. For more information, see Systems Management Server 2003. For more information about SMS scanning tools, see
Systems Management Server 2003 Software Update Scanning Tools. See also Downloads for Systems Management Server 2003.

System Center Configuration Manager uses WSUS 3.0 for detection of updates. For more information, see
System Center.

For detailed information, see
Microsoft Knowledge Base article 910723: Summary list of monthly detection and deployment guidance articles.

Update Compatibility Evaluator and Application Compatibility Toolkit

Updates frequently write to the same files and registry settings that are required for your applications to run. This can trigger incompatibilities and increase the time that is required to deploy security updates. You can streamline the testing and validating of Windows updates against installed applications by using the
Update Compatibility Evaluator components that are included in Application Compatibility Toolkit.

The Application Compatibility Toolkit (ACT) contains the necessary tools and documentation to evaluate and decrease application compatibility issues before you deploy Windows Vista, a Windows update, a Microsoft Security update, or a new version of Windows Internet Explorer in your environment.

Windows 8 and Windows 8.1 (all editions)

Reference tableThe following table contains the security update information for this software. You can find more information in the "Deployment information" section.

Deployment

Information

Installing without requiring user intervention

For Adobe Flash Player in Internet Explorer 10 on all supported 32-bit editions of Windows 8:
Windows8-RT-KB3021953-x86.msu /quiet

For Adobe Flash Player in Internet Explorer 10 on all supported x64-based editions of Windows 8:
Windows8-RT-KB3021953-x64.msu /quiet

For Adobe Flash Player in Internet Explorer 11 on all supported 32-bit editions of Windows 8.1:
Windows8.1-KB3021953-x86.msu /quiet

For Adobe Flash Player in Internet Explorer 11 on all supported x64-based editions of Windows 8.1:
Windows8.1-KB3021953-x64.msu /quiet

Installing without restarting

For Adobe Flash Player in Internet Explorer 10 on all supported 32-bit editions of Windows 8:
Windows8-RT-KB3021953-x86.msu /quiet /norestart

For Adobe Flash Player in Internet Explorer 10 on all supported xx64-based editions of Windows 8:
Windows8-RT-KB3021953-x64.msu /quiet /norestart

For Adobe Flash Player in Internet Explorer 11 on all supported 32-bit editions of Windows 8.1:

Windows8.1-KB3021953-x86.msu /quiet /norestart

For Adobe Flash Player in Internet Explorer 11 on all supported x64-based editions of Windows 8.1:

Windows8.1-KB3021953-x64.msu /quiet /norestart

More information

See the "Detection and deployment tools and guidance" subsection.

Restart requirement

In some cases, this update does not require a restart. If the required files are being used, this update requires a restart. If this behavior occurs, you receive a message that advises you to restart. To help reduce the possibility that a restart will be required, you should stop all affected services and close all applications that may use the affected files before you install the security update. For more information about why you may be prompted to restart, see
Microsoft Knowledge Base Article 887012.

Hotpatching

Not applicable

Removal information

To uninstall an update that was installed by WUSA, use the /Uninstall setup switch. Or, click Control Panel, click System and Security, click View installed updates under Windows Update, and then select from the list of updates.

Registry key verification

There is no registry key to validate the presence of this update.

Inclusion in future service packs

The update for this issue will be included in a future service pack or update rollup.

Deployment information

Installing the updateWhen you install this security update, the installer checks whether one or more of the files that are being updated on your system have previously been updated by a Microsoft hotfix.

For more information about the terminology that appears in this Knowledge Base article, such as "hotfix," see
Microsoft Knowledge Base article 824684.

This security update supports the following installation switches.

Switch

Description

/?, /h, /help

Displays help about supported switches.

/quiet

Suppresses the display of status or error messages.

/norestart

When s combined with/quiet, the system is not restarted after installation even if a restart is required to complete installation.

/warnrestart:<seconds>

When it is combined with /quiet, the installer warns the user before it begins the restart.

/promptrestart

When it is combined with /quiet, the installer prompts before it begins restart.

/forcerestart

When it is combined with /quiet, the installer forcibly closes applications and begins the restart.

/log:<file name>

Enables logging to the specified file.

/extract:<destination>

Extracts the package contents to the destination folder.

/uninstall /kb:<KB number>

Uninstalls the security update.

Note For more information about the Wusa.exe installer, see the "Windows Update Stand-alone Installer" section in the TechNet article
Miscellaneous Changes in Windows 7.

Verifying that the update was appliedBecause there are several editions of Windows, the following steps may be different on your system. If they are different, see your product documentation to complete these steps.

Verifying the file version

  1. Click Start, and then type an update file name in the Search box.

  2. When the file appears under Programs, right-click the file name, and then click Properties.

  3. On the General tab, compare the file size with the file information tables that are provided in the Microsoft Knowledge Base article.

    Note Depending on the edition of the operating system or the programs that are installed on your system, some files that are listed in the file information table may not be installed.

  4. You can also click the Details tab and compare information, such as file version and date changed, with the file information tables that are provided in the Microsoft Knowledge Base article.

    Note Attributes other than the file version may change during installation. Comparing other file attributes to the information in the file information table is not a supported method of verifying that the update was applied. Also, in certain cases, files are renamed during installation. If the file or version information does not exist, use one of the other available methods to verify update installation.

  5. Finally, you can also click the Previous Versions tab and compare file information for the earlier version of the file together with the file information for the new, or updated, version of the file.

Windows Server 2012 and Windows Server 2012 R2 (all editions)

Reference tableThe following table contains the security update information for this software. You can find more information in the "Deployment information" subsection in this section.

Deployment

Information

Installing without requiring user intervention

For Adobe Flash Player in Internet Explorer 10 on all supported editions of Windows Server 2012:
Windows8-RT-KB3021953-x64.msu /quiet

For Adobe Flash Player in Internet Explorer 11 on all supported editions of Windows Server 2012 R2:

Windows8.1-KB3021953-x64.msu /quiet

Installing without restarting

For Adobe Flash Player in Internet Explorer 10 on all supported editions of Windows Server 2012:
Windows8-RT-KB3021953-x64.msu /quiet /norestart

For Adobe Flash Player in Internet Explorer 11 on all supported editions of Windows Server 2012 R2:

Windows8.1-KB3021953-x64.msu /quiet /norestart

More information

See the "Detection and deployment tools and Guidance" subsection.

Restart requirement

In some cases, this update does not require a restart. If the required files are being used, this update requires a restart. If this behavior occurs, you receive a message that advises you to restart. To help reduce the possibility that a restart will be required, you should stop all affected services and close all applications that may use the affected files before you install the security update. For more information about why you may be prompted to restart, see
Microsoft Knowledge Base article 887012.

Hotpatching

Not applicable

Removal information

To uninstall an update that was installed by WUSA, use the /Uninstall setup switch, or click Control Panel, click System and Security, click View installed updates under Windows Update, and then select from the list of updates.

Registry key verification



A registry key does not exist to validate the presence of this update.

Inclusion in future service packs

The update for this issue will be included in a future service pack or update rollup.

Deployment information

Installing the updateWhen you install this security update, the installer checks whether one or more of the files that are being updated on your system were previously updated by a Microsoft hotfix.

For more information about the terminology that appears in this Knowledge Base article, such as "hotfix," see
Microsoft Knowledge Base article 824684.

This security update supports the following installation switches.

Switch

Description

/?, /h, /help

Displays help about supported switches.

/quiet

Suppresses the display of status or error messages.

/norestart

When it is combined with/quiet, the system does not restart after the installation even if a restart is required to complete installation.

/warnrestart:<seconds>

When it is combined with /quiet, the installer warns the user before it begins the restart.

/promptrestart

When it is combined with /quiet, the installer prompts the user before it begins the restart.

/forcerestart

When it is combined with /quiet, the installer forcibly closes applications and begins the restart.

/log:<file name>

Enables logging to the specified file.

/extract:<destination>

Extracts the package contents to the destination folder.

/uninstall /kb:<KB number>

Uninstalls the security update.

Note For more information about the Wusa.exe installer, see "Windows Update Stand-alone Installer" in the following Microsoft TechNet article:

Miscellaneous Changes in Windows 7

Verifying that the update was appliedBecause there are several editions of Windows, the following steps may be different in your system. If they are different, see your product documentation to complete these steps.

Verifying the file version

  1. Click Start, and then type an update file name in the Start Search box.

  2. When the file appears under Programs, right-click the file name, and then click Properties.

  3. On the General tab, compare the file size with the file information tables that are provided in the Knowledge Base article.

    Note Depending on the edition of the operating system or the programs that are installed in your system, some files that are listed in the file information table may not be installed.

  4. You can also click the Details tab to compare information, such as file version and date changed, with the file information tables that are provided in the Knowledge Base article.

    Note Attributes other than the file version may change during installation. Comparing other file attributes to the information in the file information table is not a supported method of verifying that the update was applied. Also, in certain cases, files may be renamed during installation. If the file or version information does not exist, use one of the other available methods to verify update installation.

  5. Finally, you can also click the Previous Versions tab, and then compare file information for the earlier version of the file with the file information for the new or updated version of the file.


The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

For Internet Explorer Flash Player for x86-based versions of Windows 8.1 (KB3021953)

File name

File version

File size

Date

Time

Platform

Activex.vch

Not Applicable

587,158

03-Feb-2015

19:31

Not Applicable

Flash.ocx

16.0.0.305

18,626,528

03-Feb-2015

19:31

x86

Flashplayerapp.exe

16.0.0.305

714,720

03-Feb-2015

19:31

x86

Flashplayercplapp.cpl

16.0.0.305

106,976

03-Feb-2015

19:31

Not Applicable

Flashutil_activex.dll

16.0.0.305

582,112

03-Feb-2015

19:31

x86

Flashutil_activex.exe

16.0.0.305

984,544

03-Feb-2015

19:31

x86

For Internet Explorer Flash Player for x64-based versions of Windows 8.1 and Windows Server 2012 R2 (KB3021953)

File name

File version

File size

Date

Time

Platform

Activex.vch

Not Applicable

139,818

03-Feb-2015

19:31

Not Applicable

Flash.ocx

16.0.0.305

23,887,328

03-Feb-2015

19:31

x64

Flashutil_activex.dll

16.0.0.305

648,672

03-Feb-2015

19:31

x64

Flashutil_activex.exe

16.0.0.305

637,920

03-Feb-2015

19:31

x64

Activex.vch

Not Applicable

587,158

03-Feb-2015

19:31

Not Applicable

Flash.ocx

16.0.0.305

18,626,528

03-Feb-2015

19:31

x86

Flashplayerapp.exe

16.0.0.305

714,720

03-Feb-2015

19:31

x86

Flashplayercplapp.cpl

16.0.0.305

106,976

03-Feb-2015

19:31

Not Applicable

Flashutil_activex.dll

16.0.0.305

582,112

03-Feb-2015

19:31

x86

Flashutil_activex.exe

16.0.0.305

984,544

03-Feb-2015

19:31

x86

For Internet Explorer Flash Player for x86-based versions of Windows 8 (KB3021953)

File name

File version

File size

Date

Time

Platform

Activex.vch

Not Applicable

587,158

03-Feb-2015

19:29

Not Applicable

Flash.ocx

16.0.0.305

18,625,984

03-Feb-2015

19:29

x86

Flashplayerapp.exe

16.0.0.305

714,184

03-Feb-2015

19:29

x86

Flashplayercplapp.cpl

16.0.0.305

106,440

03-Feb-2015

19:29

Not Applicable

Flashutil_activex.dll

16.0.0.305

581,576

03-Feb-2015

19:29

x86

Flashutil_activex.exe

16.0.0.305

984,000

03-Feb-2015

19:29

x86

Activex.vch

Not Applicable

587,158

03-Feb-2015

19:34

Not Applicable

Flash.ocx

16.0.0.305

18,625,984

03-Feb-2015

19:34

x86

Flashplayerapp.exe

16.0.0.305

714,184

03-Feb-2015

19:34

x86

Flashplayercplapp.cpl

16.0.0.305

106,440

03-Feb-2015

19:34

Not Applicable

Flashutil_activex.dll

16.0.0.305

581,576

03-Feb-2015

19:34

x86

Flashutil_activex.exe

16.0.0.305

984,000

03-Feb-2015

19:34

x86

For Internet Explorer Flash Player for x64-based versions of Windows 8 and Windows Server 2012 (KB3021953)

File name

File version

File size

Date

Time

Platform

Activex.vch

Not Applicable

139,818

03-Feb-2015

19:29

Not Applicable

Flash.ocx

16.0.0.305

23,886,784

03-Feb-2015

19:29

x64

Flashutil_activex.dll

16.0.0.305

648,136

03-Feb-2015

19:29

x64

Flashutil_activex.exe

16.0.0.305

637,384

03-Feb-2015

19:29

x64

Activex.vch

Not Applicable

139,818

03-Feb-2015

19:34

Not Applicable

Flash.ocx

16.0.0.305

23,886,784

03-Feb-2015

19:34

x64

Flashutil_activex.dll

16.0.0.305

648,136

03-Feb-2015

19:34

x64

Flashutil_activex.exe

16.0.0.305

637,384

03-Feb-2015

19:34

x64

Activex.vch

Not Applicable

587,158

03-Feb-2015

19:29

Not Applicable

Flash.ocx

16.0.0.305

18,625,984

03-Feb-2015

19:29

x86

Flashplayerapp.exe

16.0.0.305

714,184

03-Feb-2015

19:29

x86

Flashplayercplapp.cpl

16.0.0.305

106,440

03-Feb-2015

19:29

Not Applicable

Flashutil_activex.dll

16.0.0.305

581,576

03-Feb-2015

19:29

x86

Flashutil_activex.exe

16.0.0.305

984,000

03-Feb-2015

19:29

x86

Activex.vch

Not Applicable

587,158

03-Feb-2015

19:34

Not Applicable

Flash.ocx

16.0.0.305

18,625,984

03-Feb-2015

19:34

x86

Flashplayerapp.exe

16.0.0.305

714,184

03-Feb-2015

19:34

x86

Flashplayercplapp.cpl

16.0.0.305

106,440

03-Feb-2015

19:34

Not Applicable

Flashutil_activex.dll

16.0.0.305

581,576

03-Feb-2015

19:34

x86

Flashutil_activex.exe

16.0.0.305

984,000

03-Feb-2015

19:34

x86

File hash information

File name

SHA1 hash

SHA256 hash

Windows8.1-KB3021953-x64.msu

2F113829F250BC54B1951073E139BC24773812E6

FA6EA470E486DC355814F9AB73E25E40A42A4A94F01C70E56FC8C4CBED7D2AC3

Windows8.1-KB3021953-x86.msu

CD771C4E55A5B01611155F9F4F2DB803ECEE9ED9

722D406A4A3AF5BAA3DC660102C31436236582567E2E4EDFF55C5EF70BBDDE3C

Windows8-RT-KB3021953-x64.msu

26B10A8923303B0DB791083C8B13DACF9D94D1F9

C156BC3E94F7CD86367AA7042A72A4809B3665DD0953FA85C6FC3C0B4294FCEB

Windows8-RT-KB3021953-x86.msu

3F7D29CAA26F050EA24F62AF9B9C14F267B33D3E

9016731A2951F355D685D492326BDEE8EC31B03CE00DFBAF6A4A2EA85B6318D0

Need more help?

Expand your skills
Explore Training
Get new features first
Join Microsoft Insiders

Was this information helpful?

Thank you for your feedback!

Thank you for your feedback! It sounds like it might be helpful to connect you to one of our Office support agents.

×