dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
1052
share rss forum feed


angussf
Premium
join:2002-01-11
Tucson, AZ
kudos:4

7 recommendations

Flash Player 12.0.0.44 released

Security bulletin here:
Adobe Security Bulletin
»helpx.adobe.com/security/product···-04.html
Security updates available for Adobe Flash Player
Release date: February 4, 2014
Vulnerability identifier: APSB14-04
--
Angus S-F
GeoApps, Tucson, Arizona, USA
»geoapps.com/
»www.linkedin.com/in/angussf
»geoapps.blogspot.com/

art22gg
Premium
join:2005-02-16
Courtenay, BC
kudos:6
Thanks for that...


antdude
A Ninja Ant
Premium,VIP
join:2001-03-25
United State
kudos:5
reply to angussf
I wasn't expecting that. I guess Adobe couldn't wait until next Tuesday. Or maybe there will be another one on that day too. :P

art22gg
Premium
join:2005-02-16
Courtenay, BC
kudos:6

1 recommendation


Fixed Issues

February 4th, 2014

Flash Player Bugs

Security Fixes

Probably couldn,t wait another week (critical ? )


jaykaykay
4 Ever Young
Premium,MVM
join:2000-04-13
USA
kudos:24
reply to angussf
Thank you. I am delighted that they couldn't wait for this critical update. Neither could I!


chachazz
Premium
join:2003-12-14
kudos:9
Reviews:
·TELUS

2 recommendations

reply to angussf

Microsoft Security Advisory: Update for vulnerabilities in Adobe Flash Player in Internet Explorer: February 4, 2014

Download links: »support.microsoft.com/kb/2929825

Windows Update will not offer this security update to Windows RT-based computers until update 2808380 is installed. For more information, click the following article number to view the article in the Microsoft Knowledge Base: 2808380 Windows RT-based device cannot download software updates or Windows Store apps
--
Gladiator Security Forum


sbconslt

join:2009-07-28
Los Angeles, CA

1 edit

1 recommendation

reply to angussf
Correct, they couldn't wait because it fixes a high severity, priority 1 remote code execution vulnerability with exploits floating around in the wild.
--
Scott Brown Consulting, Los Angeles Computer Security & IT Services


antdude
A Ninja Ant
Premium,VIP
join:2001-03-25
United State
kudos:5
Reviews:
·Time Warner Cable
said by sbconslt:

Correct, they couldn't wait because it fixes a high severity, priority 1 remote code execution vulnerability with exploits floating around in the wild.

Let's hope we don't get another Flash update next Tuesday then. :P
--
Ant @ AQFL.net and AntFarm.ma.cx. Please do not IM/e-mail me for technical support. Use this forum or better, »community.norton.com ! Disclaimer: The views expressed in this posting are mine, and do not necessarily reflect the views of my employer.


angussf
Premium
join:2002-01-11
Tucson, AZ
kudos:4

1 recommendation

reply to angussf
More on this, which appears to be a zero-day undergoing active exploitation (or it wouldn't have been pushed out a week before "Patch Tuesday").

Adobe ranks this "priority 1":
"This update resolves vulnerabilities being targeted, or which have a higher risk of being targeted, by exploit(s) in the wild for a given product version and platform. Adobe recommends administrators install the update as soon as possible. (for example, within 72 hours)."
Krebs also has a lot to say:
Adobe Pushes Fix for Flash Zero-Day Attack — Krebs on Security
»krebsonsecurity.com/2014/02/adob···-attack/
--
Angus S-F
GeoApps, Tucson, Arizona, USA
»geoapps.com/
»www.linkedin.com/in/angussf
»geoapps.blogspot.com/


angussf
Premium
join:2002-01-11
Tucson, AZ
kudos:4

1 recommendation

Chrome and IE10 & IE11 users (on Windows 8) need to update separately from the Adobe patches because those browsers have their own versions of Flash.

ISC Diary | Adobe Flash Player Emergency Patch
»isc.sans.edu/diary/Adobe+Flash+P···ch/17567
Adobe today released an emergency patch for a vulnerability that is currently actively exploited. The patch addresses CVE-2014-0497. [1]

The address affects all Windows, OS X and Linux. for Windows/OS X, the current version is now 12.0.0.44 and for Linux 11.2.202.336. Google Chrome users need to update Google Chrome to fix the included version of Flash as do users of Internet Explorer 10 and 11. [2]

[1] »helpx.adobe.com/security/product···-04.html
[2] »technet.microsoft.com/en-us/secu···/2755801
My version of SRWare's Iron Browser uses the plugin Flash Player so I didn't have to update it.
--
Angus S-F
GeoApps, Tucson, Arizona, USA
»geoapps.com/
»www.linkedin.com/in/angussf
»geoapps.blogspot.com/

Libra
Premium
join:2003-08-06
USA
kudos:1
reply to angussf
Thank you

EdmundGerber

join:2010-01-04
kudos:1
reply to angussf
I like downloading from this location - less chance of a drive-by malware install

»www.adobe.com/products/flashplay···on3.html

Mele20
Premium
join:2001-06-05
Hilo, HI
kudos:5
reply to sbconslt
But why do people use Flash Player now? Almost all video plays in HTML5. Flash Player is no longer needed. Get rid of it. Many videos will not play in HTML5 UNLESS you have Flash Player disabled...some tricky shit on Adobe's part I suppose to try and save Flash Player.
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson


antdude
A Ninja Ant
Premium,VIP
join:2001-03-25
United State
kudos:5
Reviews:
·Time Warner Cable
said by Mele20:

But why do people use Flash Player now? Almost all video plays in HTML5. Flash Player is no longer needed. Get rid of it. Many videos will not play in HTML5 UNLESS you have Flash Player disabled...some tricky shit on Adobe's part I suppose to try and save Flash Player.

Flash games. :P I wished there was a HTML5 video blocker though since I block Flash, Silverlight, etc.
--
Ant @ AQFL.net and AntFarm.ma.cx. Please do not IM/e-mail me for technical support. Use this forum or better, »community.norton.com ! Disclaimer: The views expressed in this posting are mine, and do not necessarily reflect the views of my employer.


Dustyn
Premium
join:2003-02-26
Ontario, CAN
kudos:11

2 recommendations

reply to Mele20
Keyword: almost. There are still sites that do not fully support HTML5. Even YouTube will not play all videos in HTML5.