Hey guys – you may have seen my post the other day which provided the legacy Flash files for Google Chrome. If not, you can check it here:
vSphere Web Client – Shockwave Flash has crashed
In that thread, I highlighted a workaround mentioned by a user on Reddit.
VMware has officially recognized the issue with a KB entry: Shockwave Flash crashes with vSphere Web Client 6.x (2151945)
The bad news is that it’s not truly fixed (but that’s not VMware’s fault). The good news is that if you followed the guide I posted and or used the Flash 27.0.0.159 archive provided in my other post then that’s also what VMware is recommending for the time being.
Do note that by rolling your Flash version back to 27.0.0.159 you are susceptible to Remote Code Execution identified in CVE-2017-11292… but you also need Flash to work so you can manage aspects of vSphere.
So in summary, you still only have two options today:
- Download Flash 27 Beta from http://labs.adobe.com/downloads/flashplayer.html
- Run Flash 27.0.0.159 as documented in my other post
If/when a true fix comes out I will be sure to post!
Thanks all!
I am a Sr. Systems Engineer by profession and am interested in all aspects of technology. I am most interested in virtualization, storage, and enterprise hardware. I am also interested in leveraging public and private cloud technologies such as Amazon AWS, Microsoft Azure, and vRealize Automation/vCloud Director. When not working with technology I enjoy building high performance cars and dabbling with photography. Thanks for checking out my blog! 
October 20, 2017
So when you say it isn’t vmware’s fault, I don’t understand… surely they need to update the web agent so that it works correctly with the new flash version that is not susceptible to the zero day vulnerability?
October 21, 2017
It’s not their fault that Chrome pushed the update before anyone else even caught wind is what I mean. Sure, all things Flash need to be migrated, but the fact that Chrome slipped a beta build of Flash into their browser is what borked this.