Newsletter Archives
-
Today’s the day – Flash EOL has arrived
Back in 2017, Adobe announced it was “planning to end-of-life Flash”. Yes, this has been posted about before… Well, the time has now come. Pop-ups have been appearing for a while now on machines that still use it.
If you have questions about what happens next, Adobe has a page full of questions and answers here.
If you’re looking for articles on how to uninstall, check out Martin Brinkmann’s ghacks post.
(and yes, only half the world is having New Year’s Eve already – Happy New Year to all)
-
About that Flash-zapping patch, KB 4577586? One leeetle problem. It doesn’t remove Flash.
Earlier today Microsoft released KB 4577586, the “Update for the removal of Adobe Flash Player: October 27, 2020.” As Susan notes in the entry below, it’s only available if you manually download and install it from the Microsoft Catalog.
Now comes word from Lawrence Abrams at BleepingComputer that the patch doesn’t do anything of the sort:
In our tests, though, Adobe Flash Player remained installed after installing the update… When we checked the Adobe Flash Player component in Microsoft Edge, it was still installed after installing the update.
Let’s hear it for Microsoft’s testers – the unpaid ones, at least.
-
Out of band update for Adobe Flash Player Nov. 19, 2018
Adobe Security Bulletin APSB18-44, dated November 20, 2018 is rated Priority 1.
Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address a critical vulnerability in Adobe Flash Player 31.0.0.148 and earlier versions. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Microsoft has issued an out-of-band patch for Flash Player on Nov. 20th. KB 4477029, 2018-11 Security Update for Adobe Flash Player Windows 8.1 and Windows 10 based systems, is available through Windows Update and the MS Catalog.
For those using Windows 7, Vista, and XP, MacOS X, or Linux, Flash Player version 31.0.0.153 can be downloaded from Adobe.com.
Thx @Lars220
-
How to remove the built-in version of Flash in Win10 and 8.1
An interesting contribution from @ch100:
Warning!!! Only for advanced users and for those accepting a certain degree of risk if they don’t understand the procedure and don’t follow it correctly.
Optional first step
Disable Adobe Flash in Internet Explorer and Edge. This is not mandatory, but would make the clean procedure below even cleaner, although it has only cosmetic relevance.
Main procedure
Step 1. Log into Windows with an administrator account
Step 2. Verify your version of the Flash components.
Under C:\Windows\servicing\Packages, check for
Adobe-Flash-For-Windows-Package~31bf3856ad364e35~amd64~~<version number>
Adobe-Flash-For-Windows-WOW64-Package~31bf3856ad364e35~amd64~~<version number>
Adobe-Flash-For-Windows-onecoreuap-Package~31bf3856ad364e35~amd64~~<version number>
The version number for Adobe Flash packages on Windows 10 1803 is 10.0.17134.1. It’s different on other versions of Windows 10.
There are additional packages referring to Language Packs installed on the system, but we are not concerned with them now, as they will be removed at the same time as the main packages.
Do nothing with those language packages (e.g. those flagged as en-us or other variations), but monitor for them to disappear from the folder when the uninstall is complete.
The screenshots below are from Windows 10 1803, but the procedure is relevant for all Windows 10 (and for Windows 8.1, although not tested).
Step 3. Type regedit in the search box and start the Registry Editor.
Step 4. Give your machine full control over the requisite keys.
Go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages
Right click on each of:
Adobe-Flash-For-Windows-onecoreuap-Package~31bf3856ad364e35~amd64~~<version number>
Adobe-Flash-For-Windows-Package~31bf3856ad364e35~amd64~~<version number>
Adobe-Flash-For-Windows-WOW64-Package~31bf3856ad364e35~amd64~~<version number>
For each of those keys:
4a. Right-click on the key name and choose Permissions. Give Administrators Full Control (screenshot) and click OK.
4b. Back in the main Regedit screen, on the right, change the Visibility value from 2 to 1.
4c. Still on the main Regedit screen, delete the subkey called Owners.
See the before and after shots for Steps 4b and 4c.
Step 5. Open a command prompt, Run As Administrator
dism /online /remove-package /packagename:Adobe-Flash-For-Windows-Package~31bf3856ad364e35~amd64~~10.0.17134.1
dism /online /remove-package /packagename:Adobe-Flash-For-Windows-WOW64-Package~31bf3856ad364e35~amd64~~10.0.17134.1
dism /online /remove-package /packagename:Adobe-Flash-For-Windows-onecoreuap-Package~31bf3856ad364e35~amd64~~10.0.17134.1
Step 6. You’re done. No more Adobe Flash in registry and under the Packages folder. Everything is also gone from:
C:\Windows\System32\Macromed
C:\Windows\SysWOW64\Macromed
All that’s left is any copy of Adobe Flash that you’ve installed manually, most frequently as a plugin for Firefox. Manually installed Adobe Flash can be uninstalled as per normal procedure, from Programs and Features.
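A read-only check for Step 2 (before) and Step 6 (after), as an added example that is not part of @ch100's procedure: it lists any remaining Adobe-Flash-For-Windows entries in the three places the steps name, and changes nothing. The function name Get-FlashRemovalStatus is made up for this example; run it from the elevated prompt used in Step 5.

```powershell
# Added example (not from the original post): read-only inventory of the
# locations named in Steps 2, 4 and 6. Get-FlashRemovalStatus is a hypothetical name.
function Get-FlashRemovalStatus {
    $pattern = 'Adobe-Flash-For-Windows-*'

    # Steps 2 and 6: package files under the servicing folder
    $pkgDir = Join-Path $env:windir 'servicing\Packages'
    Get-ChildItem -Path $pkgDir -Filter $pattern -ErrorAction SilentlyContinue |
        ForEach-Object {
            [pscustomobject]@{ Location = 'servicing\Packages'; Item = $_.Name; Detail = '' }
        }

    # Step 4: Component Based Servicing keys, with the Visibility value and
    # whether the Owners subkey is still present
    $cbs = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages'
    Get-ChildItem -Path $cbs -ErrorAction SilentlyContinue |
        Where-Object { $_.PSChildName -like $pattern } |
        ForEach-Object {
            $vis = (Get-ItemProperty -LiteralPath $_.PSPath -Name Visibility `
                        -ErrorAction SilentlyContinue).Visibility
            $hasOwners = Test-Path -LiteralPath "$($_.PSPath)\Owners"
            [pscustomobject]@{
                Location = 'CBS registry'
                Item     = $_.PSChildName
                Detail   = "Visibility=$vis; Owners subkey present=$hasOwners"
            }
        }

    # Step 6: the Macromed folders that should be gone after removal
    foreach ($sub in 'System32\Macromed', 'SysWOW64\Macromed') {
        $dir = Join-Path $env:windir $sub
        if (Test-Path -LiteralPath $dir) {
            $count = @(Get-ChildItem -LiteralPath $dir -Recurse -File `
                           -ErrorAction SilentlyContinue).Count
            [pscustomobject]@{ Location = 'Macromed folder'; Item = $dir; Detail = "$count file(s)" }
        }
    }
}

$found = @(Get-FlashRemovalStatus)
if ($found.Count -eq 0) {
    'No built-in Flash packages, registry keys or Macromed folders found.'
} else {
    $found | Format-Table -AutoSize -Wrap
}
```

Before the procedure the output shows the exact version suffix to pass to dism in Step 5; after it, an empty result matches what Step 6 describes.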
-
Patch Lady – Flash update out on June 7th
Be aware that a Flash update has been released today. Those of you on Windows 7 will need to either watch for a prompt or go to the Adobe Flash page for your update. Those on 10 and 8.1 get your update from Microsoft.
https://support.microsoft.com/en-us/help/4287903/security-update-for-adobe-flash-player
“Adobe is aware of a report that an exploit for CVE-2018-5002 exists in the wild, and is being used in limited, targeted attacks against Windows users. These attacks leverage Office documents with embedded malicious Flash Player content distributed via email.”
Generally speaking, it’s wise to ensure these Flash updates are installed as soon as possible. Kirsty’s got the links for you here:
-
Adobe Flash patch KB 4074595 pushed out the Windows Update chute
Doncha just love Flash?
A few hours ago, Microsoft pushed the first round of February 2018 patches. The KB 4074595 patch fixes two security holes in Adobe Flash Player, CVE-2018-4877 and CVE-2018-4878.
Microsoft has a few details in Security Advisory ADV180004.
Adobe’s Security Bulletin APSB18-03 says:
Adobe is aware of a report that an exploit for CVE-2018-4878 exists in the wild, and is being used in limited, targeted attacks against Windows users. These attacks leverage Office documents with embedded malicious Flash content distributed via email.
Adobe goes on to say it’s a remote code execution hole. Critical Priority 1. Impacts 28.0.0.137 and earlier versions (February 6, 2018). New version is 28.0.0.161.
Adobe’s version checker is here.
Microsoft’s patches are for Windows 8.1 and Win10, all versions. All of those versions need to have Internet Explorer (and, in the case of Win10, Edge) fixed to plug the holes in the embedded versions of Flash.
Adobe’s patches cover everything other than IE 11 and Edge. Chrome is fixed automatically, by default, when you re-start Chrome.
Liam Tung at ZDNet reports:
Researchers at Cisco Talos said hackers known as Group 123 were using the zero-day Flash flaw and Excel sheets to deliver the ROKRAT remote-administration tool.
Cisco researchers found Group 123’s Excel sheets contained an ActiveX object that was a malicious Flash file that downloaded ROKRAT from a compromised web server. Notably, it was the first time this group has been seen using a zero-day exploit, suggesting the targets were carefully selected and high value.
FireEye, which calls Group 123 TEMP.Reaper, said it had observed the group interacting with their command-and-control infrastructure from North Korean IP addresses. Most of the group’s targets were South Korean government, military and defense industry organizations, it said.
If you haven’t yet disabled Flash, now would be a very good time to do so. Chris Hoffman at How-to-Geek has detailed instructions. If you absolutely have to have Flash, restrict it to one browser — I use Chrome to do the dirty deed — and only use it manually, under duress.
If you can’t or won’t throttle Flash, get the update applied. Yet another Patch Wednesday.
Thx CAR, Günter Born.
-
Recently updated topics you may have missed
You may have missed recent security updates that have been made to Chrome, Firefox, Thunderbird, Java and Flash Player. The following topics have now been updated with the US-CERT alerts, with links:
Chrome Security Update: US-CERT (Browser)
Mozilla Security Update: US-CERT (Firefox)
Mozilla Security Update: US-CERT (Thunderbird)
Oracle Security Update: US-CERT (Java etc)
1000002: Links to Flash update resources
Subscribers to those topics should have received emails with details of the new posts. However, we have had some reports that some people are currently not receiving those emails. If your subscription emails aren’t working, please let us know.
Also updated recently is AKB3000005: On the subject of Botnets, which was posted last month, but promptly disappeared in a backup-reset of the site.
-
Adobe Flash player security update is out
A week late, but what the heck. APSB17-32.
Details on the Adobe site.