dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
15329
SUMware2
Premium Member
join:2002-05-21

1 edit

SUMware2

Premium Member

After XP SP3 Install - Check Flash Player Version

From Donna's SecurityFlash
June 01, 2008 -
said by Donna :
One of my co-admin at Calendar of Updates forum is reporting that the Windows XP SP3 replaced the up-to-date flash.ocx (this is Flash Player's file and is located in C:\Windows\System32\Macromed\flash.ocx) with older version which is v6.

Users should make sure that their flash.ocx is the current version. You can run Secunia Software Inspector online or using the Secunia PSI to check what version of flash.ocx you got AFTER you've installed XP SP3.

You can also try to determine what version of Flash Player you have by going to "About Flash Player". You should see:

You have version 9,0,124,0 installed (this is currently the lastest version of Flash Player).

You can right-click also the flash.ocx located in System32\Macromed folder and check what version you got after installing SP3 of XP.

MagMan
Life is simpler when you tell the truth.
Premium Member
join:2003-10-01
Westlake, OH

MagMan

Premium Member

I have this version installed 10,0,1,218 now what?
SUMware2
Premium Member
join:2002-05-21

SUMware2

Premium Member

Looks like you are running a beta version.

bcastner
MVM
join:2002-09-25
Chevy Chase, MD

2 edits

bcastner to SUMware2

MVM

to SUMware2
This is a non-issue, as Donna Buenaventura now recognizes. The older Flash module was included in SP2 as well. It is not registered, and cannot be called by a Flash application. Only your installed (newer) version is a registered and active component.

This is not a parallel case to older and vulnerable Sun Java versions, where older and vulnerable versions were still available for exploit.

MagMan
Life is simpler when you tell the truth.
Premium Member
join:2003-10-01
Westlake, OH

MagMan to SUMware2

Premium Member

to SUMware2
said by SUMware2:

Looks like you are running a beta version.
I knew that.

Cudni
La Merma - Vigilado
MVM
join:2003-12-20
Someshire

Cudni to bcastner

MVM

to bcastner
said by bcastner:

It is not registered, and cannot be called by a Flash application. Only your installed (newer) version is a registered and active component.
Can then flash.ocx simply be deleted, as there is no need for it?

Cudni
SUMware2
Premium Member
join:2002-05-21

SUMware2 to bcastner

Premium Member

to bcastner
Thank you for the information.
said by bcastner:

This is a non-issue, as Donna Buenaventura now recognizes.
Can you post a link to this... can't seem to find it.

bcastner
MVM
join:2002-09-25
Chevy Chase, MD

3 edits

bcastner

MVM

From discussions with her on a listsrerv over the weekend.
If you have updated Flash, there is no issue -- though make sure you have updated to the very latest verion of Flash 9.

If you do not have any Flash Update, then apply this Hotfix:

Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution (923789)
Published: November 14, 2006 | Updated: May 13, 2008
»www.microsoft.com/techne ··· 069.mspx

Or, turn Flash Off: »msmvps.com/blogs/harrywa ··· e-8.aspx

Or, delete the flash.ocx file: »kb.adobe.com/selfservice ··· liceId=2

almex
Premium Member
join:2001-09-18
Chandler, AZ

almex to SUMware2

Premium Member

to SUMware2
Not to sound terribly paranoid, but why is a Microsoft update messing with Macromedia/Adobe files in the first place?

redxii
Mod
join:2001-02-26
Michigan

redxii to SUMware2

Mod

to SUMware2
I have 9,0,124 on a fresh install

Cudni
La Merma - Vigilado
MVM
join:2003-12-20
Someshire

Cudni to almex

MVM

to almex
MS is not messing anything, that flash.ocx has no effect and can be removed. See bcastner See Profile 1st reply

Cudni

bcastner
MVM
join:2002-09-25
Chevy Chase, MD

bcastner to almex

MVM

to almex
It not messing with anything that it does not have a valid license for, and for which it has distributed since SP2. At the time Macromedia was anxious to move everyone behind Flash and away from earlier methods to show this type of content.

It is a non-issue if you have updated Flash. If you have not updated flash, see the Hotfix link earlier; or update Flash; or Uninstall it.
SUMware2
Premium Member
join:2002-05-21

1 edit

SUMware2 to bcastner

Premium Member

to bcastner
Click for full size
Click for full size
Guess I'm confused...

From »www.microsoft.com/techne ··· 069.mspx
said by Microsoft :
Vulnerable versions of Macromedia Flash Player from Adobe are redistributed with Microsoft Windows XP Service Pack 2, Microsoft Windows XP Service Pack 3, and Microsoft Windows XP Professional x64 Edition.

Why was this Bulletin revised on May 13, 2008?
This bulletin was revised to add Windows XP Service Pack 3 as affected software. This is a detection update only. There were no changes to the binaries, since the same update for Windows XP Service Pack 2 and Windows XP Professional x64 Edition applies to Windows XP Service Pack 3. Customers with Windows XP Service Pack 2 and Windows XP Professional x64 Edition who have already installed the security update will not need to reinstall the update. Customers with Windows XP Service Pack 3 should apply the update immediately.
According to MS this seems to indicate that SP3 shipped with vulnerable Flash6.ocx files (6.0.79 or 6.0.88 ?) that removed, then replaced, the user's file. Thus after installing SP3 users need to apply the update.

Or am I interpreting this incorrectly?

Here's Donna Buenaventura main site to check for applicable updated information.

Edit: ocx file not needed. I think that I'm getting it now. Thanks Bill.

bcastner
MVM
join:2002-09-25
Chevy Chase, MD

1 edit

1 recommendation

bcastner

MVM

It does not remove or replace anything. That was the original guess being made, and it is the factual point in error about this issue.

XP SP3 does nothing to the Flash status as existed prior to its installation. It ensures that the Flash status, at least the portion that was in the SP2 distribution, is as it was for SP2. However, it will not effect a computer with a Flash update. It will not add anything that SP2 did not. It will not expose a vulenerability because there is an older version of Flash.ocx available; the issue is not unique to XP SP3 -- if there has been no updates to the computer since SP2 -- including the Hotfix above, your risk exposure is identical to the state of your system prior to installing XP SP3. And if you have updated Flash, it does not change the risk exposure by installation. Previous OCX versions are not callable under Flash if later versions are installed.

Let's not invent a vulnerability where non exists. Let's use this as a useful reminder for those who do not update Flash, or do not wish to use it, to take steps -- the Hotfix, the uninstaller from Adobe, or turning it OFF formally -- to make sure their systems are secure. But no additional securiy surface in regards to Flash is exposed by the XP SP3 installation. The Hotfix notes quoted above were the same as issued with XP SP2; revised only to suggest that if you have done nothing -- no Hotfix, no Flash Update -- then the same warning applies as it did several years ago.
SUMware2
Premium Member
join:2002-05-21

1 edit

SUMware2

Premium Member

Right, understand it now! Thanks again.