Forum Thread: Messy update of Flash Player 11.x on Windows 7

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
Adobe Systems
And, this specific program:
Adobe Flash Player 11.x

This thread has been marked as locked.
mtodorov Messy update of Flash Player 11.x on Windows 7
Member 17th Feb, 2012 09:41
Ranking: 19
Posts: 238
User Since: 20th Mar, 2009
System Score: N/A
Location: HR
Hi all,

I used Adobe Systems' bundled update tool, and what happened to me was that only Flash NPAPI plugin was patched, but not ActiveX Flash plugin.

What PSI 2.0.0.4003 reported was:

__________________________________________________ _____
Adobe Flash Player 11.x 2 Patched - 11.1.102.62 (NPAPI) 11.1.102.62 (NPAPI) Up-to-date
Detected Instances:
C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll, version 11.1.102.62 (NPAPI)
C:\Windows\SysWOW64\Macromed\Flash\Flash11e.ocx, version 11.1.102.55 (ActiveX)

You can double click this row for additional information and options.
__________________________________________________ _____

Only double click revealed that Flash 11e.ocx is "zombie" installation with "very limited" threat rating.

But it is the only Flash ocx control in C:\Windows\SysWOW64\Macromed\Flash folder. So I date to assume full vulnerability will be exposed in IE, as only NPAPI plugin is patched, and Up-to-date status is erroneous.

Thanks.

Regards,
mt



--
"If a task is worth doing, it is worth doing right. If it is not worth doing well, it is not worth doing." -- Dr. Jack Hyles
<><

Maurice Joyce RE: Messy update of Flash Player 11.x on Windows 7
Handling Contributor 17th Feb, 2012 09:58
Score: 12325
Posts: 9,575
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Not sure what update tool U were using but this must happen to successfuly update Flash.

REMOVING OLD ADOBE (FORMERLY MACROMEDIA) OCX FILES.

If Flash was running when an update was attempted it will not remove all of the old (and vulnerable) files.

To remove these files:

COMPLETELY EXIT via Task Manager (CTRL+SHIFT+ESC):

a. All Browsers.
b. Windows Messenger.
c. Incredimail
d. All Adobe products
e. PSI unless using Version 2.

Now navigate to here:

32 Bit Systems - C:\Windows\system32\Macromed\Flash

64 Bit Systems - C:\Windows\sysWOW64\Macromed\Flash

In these locations there should only be one .OCX file which is currentlyFLASH11f.OCX - The latest stable version (11.1.102.62). Right click & select DELETE on any other.OCX files that are present.

If U want to double check Flash is working & the version installed click here: http://www.adobe.com/software/flash/about/ If using IE9 ActiveX Filtering must be disabled via IE>Tools before testing

Run a full PSI scan & the problem is history.

Update 14 08:53 17/02/2012

--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro version 1809 Build 17763.404
16 GB RAM
IE & Edge Only
Was this reply relevant?
+2
-0
mtodorov RE: Messy update of Flash Player 11.x on Windows 7
Member 17th Feb, 2012 10:05
Score: 19
Posts: 238
User Since: 20th Mar 2009
System Score: N/A
Location: HR
on 17th Feb, 2012 09:58, Maurice Joyce wrote:
Not sure what update tool U were using but this must happen to successfuly update Flash.


Hi, Mr. Joyce,

I was using Adobe's update tool that default installation offers at Windows startup.

The main problem is that Secunia ruleset shows both OCX and NPAPI plugins patched (Up-to-date), where .ocx was from old installation, non-patched version, as seen from version numbers in previous post.

This is slightly misleading.

I have downloaded .ocx update, but I delayed installation, to see whether the PSI ruleset is fixed.

Regards,
mt


--
"If a task is worth doing, it is worth doing right. If it is not worth doing well, it is not worth doing." -- Dr. Jack Hyles
<><
Was this reply relevant?
+0
-0
Maurice Joyce RE: Messy update of Flash Player 11.x on Windows 7
Handling Contributor 17th Feb, 2012 10:12
Score: 12325
Posts: 9,575
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Confused.
The report U published only shows NAPI as patched so not sure what is misleading.

Adobe Flash Player 11.x 2 Patched - 11.1.102.62 (NPAPI) 11.1.102.62 (NPAPI) Up-to-date
Detected Instances:
C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll, version 11.1.102.62 (NPAPI)
C:\Windows\SysWOW64\Macromed\Flash\Flash11e.ocx, version 11.1.102.55 (ActiveX)




--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro version 1809 Build 17763.404
16 GB RAM
IE & Edge Only
Was this reply relevant?
+1
-0
mtodorov RE: Messy update of Flash Player 11.x on Windows 7
Member 21st Feb, 2012 10:41
Score: 19
Posts: 238
User Since: 20th Mar 2009
System Score: N/A
Location: HR
Last edited on 21st Feb, 2012 16:01
on 17th Feb, 2012 10:12, Maurice Joyce wrote:
Confused.
The report U published only shows NAPI as patched so not sure what is misleading.

Adobe Flash Player 11.x 2 Patched - 11.1.102.62 (NPAPI) 11.1.102.62 (NPAPI) Up-to-date
Detected Instances:
C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll, version 11.1.102.62 (NPAPI)
C:\Windows\SysWOW64\Macromed\Flash\Flash11e.ocx, version 11.1.102.55 (ActiveX)


Ezzato. Misleading is that it says "zero vulnerable programs", despite not patching ActiveX control with a "hole that is gaping".

FALSE NEGATIVE.

Regards,
mt


--
"If a task is worth doing, it is worth doing right. If it is not worth doing well, it is not worth doing." -- Dr. Jack Hyles
<><
Was this reply relevant?
+0
-0

This thread has been marked as locked.