We have been patching Adobe Flash Player, both the NPAPI (plugin for other browsers like Firefox) and Active X (for Internet Explorer) for a long time. Chrome takes care of the PPAPI plugin by itself so doesn't need to be patched. With the release of Flash Player 18 only the NPAPI plugin is being updated and the Active X version is failing to be patched. Most of our computers already had Flash Player 17 installed. I made a Managed Install in the interim but has anyone else experienced this issue? The patch details show both versions are downloaded as Associated Files (Patch-Smart.AdobeFlashPlayerActiveX18.0.0.160.exe and Patch-Smart.AdobeFlashPlayerPlugin18.0.0.160.exe).
Answer Summary:
18 Comments   [ + ] Show Comments


  • this happened before with flashplayer 17. it just happens if you use the patch that includes both versions. if you use the seperate patches for each NPAPI and PPAPI it works. but the patch that includes both versions fails to install both most of the time.
  • The patch package delivered from Lumension includes both the ActiveX and NPAPI plugins together. The NPAPI one installs but not Active X. Chrome is auto-updating the PPAPI plugin so I am not concerned with that. The answer given below is based on not using the built in patching capability of the K1000. We have been patching Adobe Flash Player for years without having to mess with MSIs, EXEs or command switches and this is not working right any more.
  • I've got the same issue. The scheduled job says its running and that it was successful, but when I check my client it is still the old version. Initially I had wide spread failure as it said the patch was available, but was never downloaded.
  • Yes I had the same problem with it initially not being detected as needed so wasn't downloading too. This new K1000 method of packaging two different patching updates together is not helping when they are not both detected properly!
    • Didn't realize they were going the route of packaging updates. Have you opened a ticket with Kace yet? By the way. I'm just down there street from you Rich. I work at the C&MA, fairly new Kace customers.
      • Ticket submitted! Stop by some time to chat. I'm the only "Rich" in IT here.
  • Dell Ticket is coming. They have "packaged" updates based on patching subscriptions for a long time. The default view in 6.3 shows "Applicable Packages" by groups now instead of individual patches. Expanding the group "Security updates available for Adobe Flash Player" reveals two active patches. When I apply this individual downloaded patch called "APSB15-11 Adobe Flash Player for Windows" it contains both plugins (NPAPI and AcvtiveX) and one is broken. They used to allow separate plugin patch downloads within the built-in patching.
  • Thanks Rich - good to know. I just opened a ticket too.
  • I am having the same issue regarding NPAPI and Active X patches. Thank you guys for the info.
    • Make sure to open a support ticket. I've done this and they asked me to make sure I was running the latest and greatest - which I upgraded to, and still have the problems. Hopefully they address this quick. haven't heard anything back yet.
  • Has anyone gotten any feedback..support has gone cold at the moment. Gonna ping them again.
  • We have the same issue and one of our guys have also filed a support ticket. Would like to get this fixed asap so we don't have to create an MI to distribute the update as versions prior to this are being reported as exploited in the wild.
  • I had to create a Dell Software Account ( I just started in May) but I submitted my ticket today.
  • in the past, (and actually I prefer them) but we have used KACE scripts to push out Adobe Reader, Flash, Java updates. It is nice to control your bandwidth at times....
  • Anyone get updates? I got an update on Friday saying that a support ticket with the Patch provider closed a ticket with Dell on this issue, but the Dell tech didn't really say what the ticket was about and that I should try a detect and a patch redownload, but haven't had any luck.
  • No response from Dell support on my ticket yet.
  • Here is my entire email:
    Hello Jacob,

    My name is Chris Brock and I am your ticket owner. I am happy to assist you with this issue.

    There is an issue with the patch. We are working with Lumension to resolve it. I will update you as soon as I have more info.

    Kind Regards,
    Chris Brock
  • Interestingly enough Adobe released an out-of-band patch. Hopefully this will stick and Lumension get's it right - https://helpx.adobe.com/security/products/flash-player/apsb15-14.html
  • is now in the patch feed. While it seems to patch for ActiveX, we're having some mixed detection results of some showing Not Patched. Not entirely sure of the cause yet.
  • Looks to be working for me.
  • Is any else's KACE not showing the latest Adobe update--> APSB15-16?
Please log in to comment

Answer Chosen by the Author

The release of the newer version of Flash Player from Lumension is working fine to update both NPAPI and Active X plugins. Both were updated and detected:

Adobe Flash Player 18 ActiveX ( 06/25/2015 19:35:59 - Detected

  Adobe Flash Player 18 NPAPI ( 06/25/2015 19:35:59 - Detected

Answered 06/26/2015 by: RichB
Third Degree Green Belt

Please log in to comment


We´re using the .exe version of the ActiveX plugin, and everything works as expected.


Two ideas. Try the .msi and enable logging using the /L*v switch. Also it can happen that the enterprise distribution page on the adobe site gives you the wrong (old) version. please look under details of the file. (this happens 2-3 time within the last 5 releases)


Answered 06/15/2015 by: aragorn.2003
Red Belt

  • Thanks for the input. My Managed Install with the MSI is working fine as a workaround since patching is failing.
Please log in to comment
Answer this question or Comment on this question for clarity
Nine Simple (but Critical) Tips for Effective Patch Management
This paper reviews nine simple tips that can make patch management simpler, more effective and less expensive.