Re: Macromedia Flash Player Vulnerability in Security

Re: Macromedia Flash Player Vulnerability in Security http://www.dslreports.com/forum/r14742608 en Sat, 28 Nov 2009 16:14:17 EDT Sat, 28 Nov 2009 16:14:17 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14792458 Libra : I appreciate everyone checking to see what files they actually have regarding this flash update.

Planet, I have the same as you: XP has the flash8.ocx (version 8.0.22) and flash.ocx (version 7.0.19). It has one swflash.ocx which is version 5.0.42.0. When checking Windows 98se I have the same files in the System folder.

Mele, as usual, you helped me with this :). Instead of just relying on the search results, I checked the actual folders in explorer and found the newest version, along with the old ones.

Again, thank you everyone.

Sincerely, Libra]]> http://www.dslreports.com/forum/remark,14792458 Sat, 12 Nov 2005 20:53:47 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14789580 planet :

said by Libra :
I find this strange. I just read the MS article and did a "find" on Windows 98se for flash.ocx and swflash.ocx.

flash.ocx shows C:\Windows\System\Macromedia\Flash Version 7.0.19 (installed in 2004)

swflash.ocx shows at the same location as Version 5.0.42.0

I have the same findings on my XP box + I have the new flash 8.ocx control in the folder.

On my 98 FE box, I have the 8.0.22 version but also the 5.0.42 flash.ocx. I had some trouble updating the 98 box and deleted the 7.0.19 version which I assume is why that file isn't even there now.

Edit: My take on it is the update created a new ocx file named Flash 8.ocx, leaving the old flash.ocx file in the folder too.]]> http://www.dslreports.com/forum/remark,14789580 Sat, 12 Nov 2005 12:34:15 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14788011 Mele20 : I think both you guys may have an incomplete installation of the latest Flash Player.

On my XP Pro box, I installed version 8 on IE and if I do a search for those files, search only finds files in i386 folder! That is sort of odd. (Of course, those are the older versions also dating from two years ago when I bought this computer). But when I went to C:\WINDOWS\SYSTEM32\Macromed\Flash, I show Flash8.ocx and in the properties window the version shown is 8.0.22.

Libra, I haven't had time to upgrade Flash on my 98SE box but when I do, I'll let you know what version of flash.ocx I have.
--
Around 2005 a sudden spark will catalyze a Crisis mood. The very survival of the nation will seem to be at stake.Sometime before 2025, America will pass through a great gate in history. The risk and promise will be very high. The Fourth Turning Wm. Straus]]> http://www.dslreports.com/forum/remark,14788011 Sat, 12 Nov 2005 04:28:51 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14787262 TK421 : In Windows XP SP-2 my flash.ocx file also reports version 7,0,19,0 despite successfully updating to 8.0.22???

According to MS these were the original files distributed with Windows:
[att=1]
Installing v7.0.19 updated flash.ocx, but v8.0.22 did not. Could it be the file did not change between versions, only other components are different? That's the only logical answer I can give... Microsoft did not specify what the file version should be with Flash 8.

[edited for clarity]

Original File Versions

]]> http://www.dslreports.com/forum/remark,14787262 Fri, 11 Nov 2005 23:58:36 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14787053 Libra : I find this strange. I just read the MS article and did a "find" on Windows 98se for flash.ocx and swflash.ocx.

flash.ocx shows C:\Windows\System\Macromedia\Flash Version 7.0.19 (installed in 2004)

swflash.ocx shows at the same location as Version 5.0.42.0
~~~~~~~~~
When I go to the Macromedia Test Site it shows Version 8.0.r22
in both IE and Mozilla. Also, objects in IE shows version 8.0.r22 and Mozilla plug-ins shows the latest version also.

Why would I have those old versions showing in the C\Windows\System\Macromedia\Flash area?

Sincerely, Libra]]> http://www.dslreports.com/forum/remark,14787053 Fri, 11 Nov 2005 23:20:02 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14781088 Lappen :

said by Sentinel

:

If you poke around the macromedia web site there is a link to download the full flash player if you would prefer. It is not easy to find but if you look at the support section for problems installing you will find it.

I prefer downloading the full installer package so I can install it on all the machines on my LAN. It's easier that way.

If you don't want to poke around here is the link for the offline installers
»www.macromedia.com/cfusion/knowl···download
--
I can also be found at the SWI Forums as Lappen
]]> http://www.dslreports.com/forum/remark,14781088 Fri, 11 Nov 2005 07:37:57 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14780942 omnibus : Ok, I'm confused.
If we see shockwave flash 8.0 r22 in about:plugins (firefox) and we didn't update to it ourselves, do we need to uninstall the flash player, download the installer and install it ourselves?

Edit: Nevermind, only older versions of flash player 7 is vunrable]]> http://www.dslreports.com/forum/remark,14780942 Fri, 11 Nov 2005 06:27:53 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14780802 gracie :

said by gracie

:

i looked at the "tech note" linked above, and it had a link to an uninstaller (it doesn't show in add/remove for me), but the link is dead!

on another newsgroup, people mentioned the same problem---apparently the download servers were overloaded. went back at a different time and downloaded the uninstaller fine. will log on as admin and do the uninstall/install the new one today. thanx.
--
graciella! "not tonight dear, I have DSL."
Creating SuperOrganizations Worldwide
Creating & Hosting SuperSites Worldwide]]> http://www.dslreports.com/forum/remark,14780802 Fri, 11 Nov 2005 04:35:13 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14780519 Shriyash :

Shockwave Flash

File name: NPSWF32.dll
Shockwave Flash 8.0 r22

MIME Type Description Suffixes Enabled
application/x-shockwave-flash Macromedia Flash movie swf Yes
application/futuresplash FutureSplash movie spl Yes

Shockwave for Director

File name: np32dsw.dll
Macromedia Shockwave for Director Netscape plug-in, version 10.1

MIME Type Description Suffixes Enabled
application/x-director Shockwave Movie dir,dxr,dcr Yes

--
"A man who bows down to nothing, can never bear the burden of himself" - Dostoyevsky {1821-1881}

]]> http://www.dslreports.com/forum/remark,14780519 Fri, 11 Nov 2005 02:07:15 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14780039 TK421 :

In an unprecedented move, Microsoft Corp. has issued a security advisory to nudge Windows users into applying a critical security update for Macromedia Inc.'s ubiquitous Flash Player.

It is the first time the software giant has used its security advisories program to warn about potential problems in a third-party product.

»www.eweek.com/article2/0,1759,18···K0000594
»www.microsoft.com/technet/securi···550.mspx

]]> http://www.dslreports.com/forum/remark,14780039 Thu, 10 Nov 2005 23:55:06 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14780031 Libra : Hi Gracie,
Here's a link to the Flash Player download site. It will display the proper version depending on what browser you are using. The instructions are at the bottom, along with other links. I had no problems using this site with IE and Mozilla.

»www.macromedia.com/shockwave/dow···aveFlash

Sincerely, Libra]]> http://www.dslreports.com/forum/remark,14780031 Thu, 10 Nov 2005 23:53:42 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14779918 Sentinel : If you poke around the macromedia web site there is a link to download the full flash player if you would prefer. It is not easy to find but if you look at the support section for problems installing you will find it.

I prefer downloading the full installer package so I can install it on all the machines on my LAN. It's easier that way.]]> http://www.dslreports.com/forum/remark,14779918 Thu, 10 Nov 2005 23:32:10 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14778293 Mele20 : »www.macromedia.com/cfusion/knowl···1#remove

Choose the uninstaller for Flash 7. Download, close IE and then run it. It is VERY fast removal. Then simply open IE and go to any site that needs Flash. You will get a prompt to install Flash Player version 8. Click on that.
--
Around 2005 a sudden spark will catalyze a Crisis mood. The very survival of the nation will seem to be at stake.Sometime before 2025, America will pass through a great gate in history. The risk and promise will be very high. The Fourth Turning Wm. Straus]]> http://www.dslreports.com/forum/remark,14778293 Thu, 10 Nov 2005 19:47:59 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14777415 gracie :

said by planet

:

To update:
On IE, can't one go to tools>internet options>settings>view objects>
right click shockwave flash and then click update?

that doesn't appear there for me in IE. if i don't want to bother uninstalling and then installing, how can i do a "web update"?

i looked at the "tech note" linked above, and it had a link to an uninstaller (it doesn't show in add/remove for me), but the link is dead! i have no idea how to uninstall flash 7, so doing an automatic update without uninstalling would be super. just can't figure out how.]]> http://www.dslreports.com/forum/remark,14777415 Thu, 10 Nov 2005 17:42:39 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14777284 Sentinel : I agree. I hate Flash. The only thing I hate more than Flash is Quicktime ;)]]> http://www.dslreports.com/forum/remark,14777284 Thu, 10 Nov 2005 17:24:31 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14776962 Mele20 : I would love a player that could do that...if it was Winamp. As for Quicktime that player gets permanently removed from any computer as soon as I get the computer.]]> http://www.dslreports.com/forum/remark,14776962 Thu, 10 Nov 2005 16:41:18 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14775304 gg5 : For anyone who doesn't like Flash in web pages, but would like to look at the occasional creative or entertaining Flash file (as opposed to the zillions of obnoxious ads), the new Quicktime can play Flash outside of a browser and without Flash being installed at all.

Yes I know, most people like Flash in web pages, and if that includes you, disregard this post. And yes I know you can control it with the extension. I prefer to have a standalone player rather than a plugin and then an extension to suppress it.

Just pointing out the alternative for those who may prefer it.]]> http://www.dslreports.com/forum/remark,14775304 Thu, 10 Nov 2005 12:45:01 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14772088 anon : Is anyone else getting "script errors" after the latest Flashplayer update in their Firefox browser?
They cause the ff to freeze, and become unresponsive.

Then a prompt comes up saying " a script error has occured hat could make your computer unresponsive. would you like to turn the script off".

And after clinking 'yes' a couple of times, it goes away.]]> http://www.dslreports.com/forum/remark,14772088 Wed, 09 Nov 2005 23:21:22 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14770162 Sentinel : Looks like it still works ... even though it does say Flash Player Version 6 in the window.

]]> http://www.dslreports.com/forum/remark,14770162 Wed, 09 Nov 2005 19:14:51 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14765954 Sentinel : Does Eric's Flash-Kill still work with this version?
»https://netfiles.uiuc.edu/ehowes/www/fix···ash-kill]]> http://www.dslreports.com/forum/remark,14765954 Wed, 09 Nov 2005 08:57:46 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14765605 Mele20 : I uninstalled it for all browsers using the Macromedia tool. Very fast and easy.Then I went to Speakeasy site on IE and reinstalled it for IE from there. Again, fast and easy and no need to close IE or anything. Now it is gone from Opera,Fx,Netscape and Mozilla. Good riddance! I only need it for speed tests at Speakeasy sites using IE and if I have it only on IE then I can use Spyware Blaster to set the killbit on it so it only activates when I want to use it for speed tests.

I still have not figured out how it got installed earlier on Fx when I never would install it on that browser.
--
Around 2005 a sudden spark will catalyze a Crisis mood. The very survival of the nation will seem to be at stake.Sometime before 2025, America will pass through a great gate in history. The risk and promise will be very high. The Fourth Turning Wm. Straus]]> http://www.dslreports.com/forum/remark,14765605 Wed, 09 Nov 2005 07:40:19 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14765373 Linoobux : Thanks all,
Another hole plugged...until the next hack.
--
Tolerance is a two-way street.]]> http://www.dslreports.com/forum/remark,14765373 Wed, 09 Nov 2005 05:48:51 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14765303 Mele20 : No...look back at my post. I said I usually have the kill bit set for Flash in Spyware Blaster. But tonite, when I checked Spyware Blaster the killbit was off. I probably did some speed tests and forgot to recheck it.

I see I have version 7 for Opera. I have plugins disabled in Opera.

I also to my utter surprise find that I somehow acquired two plugins for Fx for Flash!! I DETEST Flash and I did NOT install those plugins! How did I get them? How do I get rid of them? I disabled them but I want them gone. I have never, in all the years I have used Fx and Mozilla, had Flash install silently! What the heck?!
--
Around 2005 a sudden spark will catalyze a Crisis mood. The very survival of the nation will seem to be at stake.Sometime before 2025, America will pass through a great gate in history. The risk and promise will be very high. The Fourth Turning Wm. Straus]]> http://www.dslreports.com/forum/remark,14765303 Wed, 09 Nov 2005 04:58:24 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14765084 TK421 : No, everyone needs this update if they have the Flash Player plug-in. I believe both Opera and IE have it installed by default, but not Firefox.

The *standalone* mentioned in this thread refers to the downloaded installer package.

I see some people said they needed separate updates for different browsers, but uninstalling the previous version and running the standalone installer updated all my browsers without a hitch.

However, since you apparently don't want the plug-in for Fx you could just check Opera's version and leave things at that. It could be the Shockwave Flash ActiveX control that updated your IE plug-in... I never thought to check my IE version before manually updating.

[edit] You make me wonder how IE managed to silently update Flash especially if the ActiveX control was disabled. First time I've heard of that. If you recently ran CCleaner it could have deleted your saved Flash preferences though. Hmmm.]]> http://www.dslreports.com/forum/remark,14765084 Wed, 09 Nov 2005 02:36:36 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14764977 Mele20 : So this vulnerability is only for the stand alone player and not for flash player embedded in web sites like CNN?

I don't have Flash for Fx. But I do for IE. How I did I get ver. 8? I didn't upgrade it and usually I keep the killbit on in Spyware Blaster. I just checked though and the killbit was off so I guess IE silently upgraded Flash? And the upgrade resets my preferences to default? And I didn't know there was an upgrade so I didn't know till now to go fix my preferences. Lovely. I only have it to do Speakeasy speed tests but Flash is such an irritation that maybe I should forget Speakeasy speed tests and then I could get rid of Flash entirely. I don't use websites that are behind flash although my local airline is behind Flash and won't provide an HTML version so I have to call to make reservations. I complain and usually sites give me an HTML version so I only need that awful thing for those speed tests. ]]> http://www.dslreports.com/forum/remark,14764977 Wed, 09 Nov 2005 02:01:21 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14763940 Shriyash : yes, antdude, it does show up in the about: plugins!

Shockwave Flash
File name: NPSWF32.dll
Shockwave Flash 8.0 r22

MIME Type Description Suffixes Enabled
application/x-shockwave-flash Macromedia Flash movie swf Yes
application/futuresplash FutureSplash movie spl Yes

--
"A man who bows down to nothing, can never bear the burden of himself" - Dostoyevsky {1821-1881}]]> http://www.dslreports.com/forum/remark,14763940 Tue, 08 Nov 2005 22:47:34 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14763227 antdude :

said by Shriyash

:

Flash Player 8 shows up in my Add Remove Programs list, but i didnt need to reboot after installing either.

There is no confirmation screen in Firefox that the Macromedia Flash Player has successfully installed however.

I assume Firefox recognize about:plugins command in URL. Try that? Mozilla v1.7.12 showed:

Shockwave Flash

File name: NPSWF32.dll
Shockwave Flash 8.0 r22

MIME Type Description Suffixes Enabled
application/x-shockwave-flash Macromedia Flash movie swf Yes
application/futuresplash FutureSplash movie spl Yes
--
Ant @ The Ant Farm: »antfarm.ma.cx ... Please do not IM/e-mail me for technical support. Use the forum (I check almost daily)! Disclaimer: The views expressed in this posting are mine, and do not necessarily reflect the views of my employer.]]> http://www.dslreports.com/forum/remark,14763227 Tue, 08 Nov 2005 21:16:33 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14757763 Tom Mc :

said by Steely

said by Sith HMP

:

How do I find out which version of the player I have.

Try this: »www.macromedia.com/software/flash/about/

Isn't it interesting that this link does not show at »tinyurl.com/3tuy when accessed from IE, but does show when accessed from Firefox, as item 6 in the Installation Instructions.

Apparently, it has to be installed multiple times, once for each browser.]]> http://www.dslreports.com/forum/remark,14757763 Tue, 08 Nov 2005 07:15:13 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14751017 Shriyash : Flash Player 8 shows up in my Add Remove Programs list, but i didnt need to reboot after installing either.

There is no confirmation screen in Firefox that the Macromedia Flash Player has successfully installed however.

]]> http://www.dslreports.com/forum/remark,14751017 Mon, 07 Nov 2005 12:23:39 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14749633 Steely :

said by TK421

:

Macromedia recommends downloading the standalone installer, closing all open browsers, and removing previous Flash Player version (Windows Add/Remove Programs) before installing the version 8.

There is no Flash Player in my Add/Remove Programs -- I only see Shockwave listed. BTW, I downloaded Flash Player version 8 for Mozilla, ran it, and it installed without asking for a reboot.]]> http://www.dslreports.com/forum/remark,14749633 Mon, 07 Nov 2005 08:17:51 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14749530 KachiWachi : I wonder how/why the web update can run without needing an uninstall or reboot, whereas the stand-alone installer requires an uninstall and a reboot.

Anyone care to comment?]]> http://www.dslreports.com/forum/remark,14749530 Mon, 07 Nov 2005 07:46:47 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14749385 Shriyash : Thanks for the tip jfly, i just went to this site
»www.macromedia.com/software/flash/about/
in Firefox to see which version is showing up, and it is 8.0!]]> http://www.dslreports.com/forum/remark,14749385 Mon, 07 Nov 2005 06:54:44 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14749374 TK421 : Macromedia recommends downloading the standalone installer, closing all open browsers, and removing previous Flash Player version (Windows Add/Remove Programs) before installing the version 8.

At least, that worked fine for me with both Firefox and IE.]]> http://www.dslreports.com/forum/remark,14749374 Mon, 07 Nov 2005 06:48:05 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14749357 Shriyash : yes, it seems that while you can update both Flash player and the Shockwave player in Internet explorer on the macromedia.com site itself, you STILL need to do a seperate download to your pc in the case of updating the players in Firefox.

hmm, in firefox , the shockwave player updated fine, but i am having trouble installing the flash player. for some reason the installation is not extracting properly. it tells me "extracting to folder..", it goes to 100%, but then it just dissapears.(??)
no next prompt.:huh:]]> http://www.dslreports.com/forum/remark,14749357 Mon, 07 Nov 2005 06:40:16 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14749350 TK421 : For those who have any questions regarding Flash Player installation see Flash Player TechNote.

Previous versions of Macromedia Flash Player should be removed. Uninstall any previous version of Flash Player before using the standalone installer.

Hope that helps. :)]]> http://www.dslreports.com/forum/remark,14749350 Mon, 07 Nov 2005 06:35:03 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14749342 anon : Interesting foible
checking version in Firefox gave version 7 but checking in IE6 gave version 8 so needed to download new version.
Appears as though IE6 updated itself but not other browsers]]> http://www.dslreports.com/forum/remark,14749342 Mon, 07 Nov 2005 06:27:56 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14749287 Arkszap : Thanks for these very useful links,but ,like mrsplants,i'd like to know if it's better to uninstall or you just download the new version ? Or is it just the same?]]> http://www.dslreports.com/forum/remark,14749287 Mon, 07 Nov 2005 05:47:50 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14744886 Sith HMP : Thank you very much.]]> http://www.dslreports.com/forum/remark,14744886 Sun, 06 Nov 2005 14:24:58 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14744609 planet : To update:
On IE, can't one go to tools>internet options>settings>view objects>
right click shockwave flash and then click update?]]> http://www.dslreports.com/forum/remark,14744609 Sun, 06 Nov 2005 13:39:13 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14744556 alamarco : Thanks for that link, appreciated.]]> http://www.dslreports.com/forum/remark,14744556 Sun, 06 Nov 2005 13:27:57 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14743642 sharpy merc : One thing to note , after updating dont forget to vist this site and re-set you securtiy settings for FlashPlayer.

»www.macromedia.com/support/docum···r03.html

I would recommend adding the above site to Favories. ]]> http://www.dslreports.com/forum/remark,14743642 Sun, 06 Nov 2005 10:53:34 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14743603 vukodlak75 : Just updated, thanks.]]> http://www.dslreports.com/forum/remark,14743603 Sun, 06 Nov 2005 10:45:29 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14743556 alamarco : Thanks for the heads up, I recently upgraded to 8 so I'm safe. I was actually wondering whether or not to upgrade, but good thing I did :).]]> http://www.dslreports.com/forum/remark,14743556 Sun, 06 Nov 2005 10:36:47 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14743434 Steely :

said by Sith HMP

:

How do I find out which version of the player I have.

Try this: »www.macromedia.com/software/flash/about/]]> http://www.dslreports.com/forum/remark,14743434 Sun, 06 Nov 2005 10:10:39 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14743109 Sith HMP : I used to know how to do this. It seems my brain isn't working today. How do I find out which version of the player I have. I'm pretty sure I updated to 8 when it came out but I would like to be sure. Thank you-Sith :)
--
I am not as dumb as you think I think I am.]]> http://www.dslreports.com/forum/remark,14743109 Sun, 06 Nov 2005 08:30:36 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14743045 mrsplants : Do we have to unistall prev versions or just install 8 over 7? thanks.]]> http://www.dslreports.com/forum/remark,14743045 Sun, 06 Nov 2005 08:06:58 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14742647 Blackbird : The correct link for Flash 8 is:

»www.macromedia.com/shockwave/dow···aveFlash
--
If God wanted us to work with electrons, He'd make them big enough to see...]]> http://www.dslreports.com/forum/remark,14742647 Sun, 06 Nov 2005 02:41:38 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14742608 chiawaikian : Thanks. :p]]> http://www.dslreports.com/forum/remark,14742608 Sun, 06 Nov 2005 02:29:22 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14742505 Dustyn : First link returns: Error: Page Not Found
I have Flash 8....cool, I'm safe. :)]]> http://www.dslreports.com/forum/remark,14742505 Sun, 06 Nov 2005 01:56:22 EDT Re: Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14742428 dadkins : Thanks jFly! ;)]]> http://www.dslreports.com/forum/remark,14742428 Sun, 06 Nov 2005 01:30:55 EDT Macromedia Flash Player Vulnerability http://www.dslreports.com/forum/remark,14742238 TK421 :

Macromedia Flash Player SWF File Handling Arbitrary Code Execution

Secunia Advisory: SA17430
Release Date: -- 2005-11-05

Critical: ------ Highly critical
Impact: -------- System access
Where: --------- From remote
Solution Status: Vendor Patch

Software:
Macromedia Flash Player 6.x
Macromedia Flash Player 7.x

Description:
eEye Digital Security has reported a vulnerability in Macromedia Flash Player, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to missing validation of the frame type identifier that is read from a SWF file. This value is used as an index in Flash.ocx to reference an array of function pointers. This can be exploited via a specially crafted SWF file to cause the index to reference memory that are under the attackers control, which causes Flash Player to use attacker supplied values as function pointers.

Successful exploitation allows execution of arbitrary code.

The vulnerability has been reported in Flash Player version 7.0.19.0 and prior.

Solution:
Update to Flash Player 8 (8.0.22.0) or apply Flash Player 7 update (7.0.61.0 or 7.0.60.0).

Flash Player 8 download:
»www.macromedia.com/shockwave/dow···aveFlash

Flast Player 7 update:
»www.macromedia.com/go/d9c2fe33

More: »www.macromedia.com/devnet/securi···-07.html

Heads up everyone... ;)

[edit] Fixed broken link (thanks Dustyn

)]]> http://www.dslreports.com/forum/remark,14742238 Sun, 06 Nov 2005 00:43:35 EDT