Adobe has released Adobe AIR 220.127.116.11.
Adobe has released security updates for Adobe AIR 18.104.22.168 and earlier versions for Windows. These updates address vulnerabilities that could potentially allow an attacker to take control of the affected system.
Adobe has an MSI package available for download. These are the steps to deploy:
- Download the ‘Adobe AIR 26.0 Installer‘ from Adobe’s website.
- The ‘AdobeAIRInstaller.exe’ is just a compressed file packaged as a bootstrapper (which on itself can also be used with the switches ‘-silent’ and ‘-eulaAccepted’), which can be extracted by e.g. using WinRAR. I’ve tried different WinZIP versions, but WinZIP doesn’t seem to recognize how this file was compressed. Inside the ‘AdobeAIRInstaller.exe’ you will find the ‘setup.msi’ MSI package:
- In order to configure AIR, Adobe supports several policy related registry keys under HKLM\Software\Policies\Adobe\AIR. These keys are discussed in details on Adobe’s website in the ‘Adobe AIR Administrator’s Guide‘ in a chapter called ‘Adobe AIR Configuration’:- AppInstallDisabled (Preventing installation of AIR applications)
– UntrustedAppInstallDisabled (Preventing installation of untrusted AIR applications)
– UpdateDisabled (Preventing automatic updates to Adobe AIR)
- When you create a Transform file (MST) for this MSI one of the suggested options is to disable the AutoUpdate feature in order to be able to manage deployment of new versions of the Adobe AIR Runtime: