art22gg Premium Member join:2005-02-16 Courtenay, BC 1 edit
3 recommendations |
art22gg
Premium Member
2013-Feb-26 3:15 pm
Update:Adobe Flash Player..11.6.602.171.Feb.26/13 This update resolves a permissions issue with the Flash Player Firefox sandbox (CVE-2013-0643). This update resolves a vulnerability in the ExternalInterface ActionScript feature, which can be exploited to execute malicious code (CVE-2013-0648). This update resolves a buffer overflow vulnerability in a Flash Player broker service, which can be used to execute malicious code (CVE-2013-0504). » www.adobe.com/products/f ··· on3.htmlThese def,s have a priority of [1]....meaning...from Adobe...Priority 1 This update resolves vulnerabilities being targeted, or which have a higher risk of being targeted, by exploit(s) in the wild for a given product version and platform. Adobe recommends administrators install the update as soon as possible. (for instance, within 72 hours). |
|
|
siljalineI'm lovin' that double wide Premium Member join:2002-10-12 Montreal, QC |
Got a changelog, Art ?
TA ~ |
|
|
Release notes: » helpx.adobe.com/en/flash ··· tes.htmlSecurity bulletin: » www.adobe.com/support/se ··· -08.htmlAdobe has released security updates for Adobe Flash Player 11.6.602.168 and earlier versions for Windows, Adobe Flash Player 11.6.602.167 and earlier versions for Macintosh, and Adobe Flash Player 11.2.202.270 and earlier versions for Linux. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.
Adobe is aware of reports that CVE-2013-0643 and CVE-2013-0648 are being exploited in the wild in targeted attacks designed to trick the user into clicking a link which directs to a website serving malicious Flash (SWF) content. The exploit for CVE-2013-0643 and CVE-2013-0648 is designed to target the Firefox browser.
Adobe recommends users update their product installations to the latest versions:
Users of Adobe Flash Player 11.6.602.168 and earlier versions for Windows and Adobe Flash Player 11.6.602.167 and earlier versions for Macintosh should update to Adobe Flash Player 11.6.602.171.
Users of Adobe Flash Player 11.2.202.270 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.273.
Adobe Flash Player installed with Google Chrome will automatically be updated to the latest Google Chrome version, which will include Adobe Flash Player 11.6.602.171 for Windows, Macintosh and Linux.
Adobe Flash Player installed with Internet Explorer 10 for Windows 8 will automatically be updated to the latest version of Internet Explorer 10, which will include Adobe Flash Player 11.6.602.171 for Windows. |
|
|
to art22gg
Thanks. Guess I'll be away for a bit installing 6 times (3 boxes x IE/plug-in versions). |
|
DasGoat join:2013-02-12 Charleston, WV |
to art22gg
Anyone willing to test installing this file » aihdownload.adobe.com/bi ··· _aih.exe on a VM/PC to see if it's legit. I've checked it on virustotal.com and it came back positive for one company. I believe it installs Reveton. I don't have the means to test it myself. |
|
|
StuartMW
Premium Member
2013-Feb-26 3:58 pm
Why don't you get the Flash update(s) from Adobe directly? » www.adobe.com/products/f ··· on3.html |
|
DasGoat join:2013-02-12 Charleston, WV |
to art22gg
I didn't download it. Someone else did. The whois information says it's for Adobe. They downloaded/installed it and then bad things. |
|
|
StuartMW
Premium Member
2013-Feb-26 4:06 pm
Well in that case perhaps they learned a lesson.
The site may well be Adobe's but I always use bookmarked legitimate download pages to get stuff. Even then I validate (digital signatures etc) and A/V scan the downloads. |
|
DasGoat join:2013-02-12 Charleston, WV |
to art22gg
I doubt that, sadly. |
|
RoboticsSee You On The Dark Side Premium Member join:2003-10-23 Louisa, VA |
to art22gg
I don't update till I am prompt to do so when it comes to Adobe |
|
Darek Premium Member join:2000-12-04 Chicago, IL |
to art22gg
Installed.
Thanks Art. |
|
chip89 Premium Member join:2012-07-05 Columbia Station, OH |
to art22gg
Had to install it two times because chrome fought it was't up to date so it kept blocking Flash. Ended up having to unstall Flash and re download flash. |
|
2 recommendations |
to art22gg
Update for Internet Explorer Flash Player for Windows 8 (KB2819372)» www.microsoft.com/en-us/ ··· id=36815Update for Internet Explorer Flash Player for Windows 8 x64 (KB2819372)» www.microsoft.com/en-us/ ··· id=36813Update for Internet Explorer Flash Player for Windows Server 2012 (KB2819372)» www.microsoft.com/en-us/ ··· id=36814You must have update 2771431 (a servicing stack update) installed before you install this update. For more information, click the following article number to view the article in the Microsoft Knowledge Base: 2771431 . Windows RT must go through Windows Update. More Information for IE 10 users: » support.microsoft.com/kb/2819372 |
|
antdudeMatrix Ant Premium Member join:2001-03-25 US |
to art22gg
Again??! Every dang week! |
|
siljalineI'm lovin' that double wide Premium Member join:2002-10-12 Montreal, QC |
to chachazz
Those are stand-alone installers Now that they're baked into IE 10, those should be fetchable via WU. Others can update Flash via your preferred poisoning method. |
|
angussf Premium Member join:2002-01-11 Tucson, AZ |
to antdude
said by antdude:Again??! Every dang week! Constant updates like this (and Java) is one of the main reasons why I'm using VIPRE Premium on my network and at most of my clients -- patch management at an inexpensive price. I can roll this puppy out to all the workstations with a few clicks. And VIPRE Premium is only a few dollars per workstation more per year than the AV-only version. |
|
Dustyn Premium Member join:2003-02-26 Ontario, CAN ·Carry Telecom ·TekSavvy Cable Asus GT-AX11000 Technicolor TC4400
1 recommendation |
to siljaline
said by siljaline:Those are stand-alone installers
Now that they're baked into IE 10, those should be fetchable via WU.
Others can update Flash via your preferred poisoning method. ... what's the issue? It's an alternate download method for anyone who may wish to use those installers. Options are always appreciated. Clearly they must serve a purpose or Microsoft would not have made them available. |
|
Dustyn |
to art22gg
Thanks Arty! |
|
1 recommendation |
to siljaline
said by siljaline:Those are stand-alone installers
Now that they're baked into IE 10, those should be fetchable via WU.
Others can update Flash via your preferred poisoning method. They sure are stand-alone installers. You infer that Microsoft is offering "poisoned" installers? |
|
siljalineI'm lovin' that double wide Premium Member join:2002-10-12 Montreal, QC |
siljaline
Premium Member
2013-Feb-26 11:48 pm
Stand-alone installers tend to install more than a method other than using stand-alone installers. » support.microsoft.com/kb/2819372» www.adobe.com/products/f ··· on3.html |
|
Mele20 Premium Member join:2001-06-05 Hilo, HI
1 recommendation |
to Dustyn
said by Dustyn:said by siljaline:Those are stand-alone installers
Now that they're baked into IE 10, those should be fetchable via WU.
Others can update Flash via your preferred poisoning method. ... what's the issue? It's an alternate download method for anyone who may wish to use those installers. Options are always appreciated. Clearly they must serve a purpose or Microsoft would not have made them available. I'm glad to see Microsoft make my life a bit easier since I don't use WU. I just installed the IE update. No reboot required. I haven't done plugin one yet. |
|
BloggerJedi Poster Premium Member join:2012-10-18 |
to art22gg
If Oracle ever built or designed a submarine they'd probably put a screen door on it. |
|