Forum Thread: Insecure Adobe Flash + End of Life Firefox 20.x + Blaster Nachi

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
PSI

This thread has been marked as resolved.
quadrinity Insecure Adobe Flash + End of Life Firefox 20.x + Blaster Nachi
Member 30th Jul, 2013 01:13
Ranking: 0
Posts: 4
User Since: 29th Jul, 2013
System Score: N/A
Location: CA
My current Adobe Flash Player is up-to-date.
I am running Firefox 21, and Keep updating Microsoft Removal Tool Blaster/Nachi.
Each week I run Secunia PSI and the program shows these 3 programs as "faded". After a few minutes the Microsoft Removal goes dark and I can update it.
Both the Flash Player and Firefox never do, and all I have is my cursor arrow on them, showing that they aren't available.
I finally got fed up and changed them so that Secunia doesn't warn me if the 3 programs need updating.
Since I've done that both the Firefox 20.X and Microsoft Removal tool both say End of Life.
How can I get these programs resolved?
Thanks :)

Post "RE: Insecure Adobe Flash + End of Life Firefox 20.x + Blaster Nachi" has been selected as an answer.
Maurice Joyce RE: Insecure Adobe Flash + End of Life Firefox 20.x + Blaster Nachi
Handling Contributor 30th Jul, 2013 02:10
Score: 12325
Posts: 9,575
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Microsoft Removal Tool Blaster/Nachi was introduced for Windows XP & has been replaced by Windows Malicious Software Removal Tool which is updated & activated by Microsoft on every Patch Tuesday.

You can safely ignore that programme,

What paths does PSI give you for Flash & Firefox? - you will need to delete the ignore rules & rerun a scan for the answer.

FINDING A FILE PATH USING PSI

VERSION 2


From the DASHBOARD page click on SCAN RESULTS.

1. This will list all your programmes with a + to the left of each programme.
2. Click the + sign next to the item that U want help with.
3. This will reveal the path under DETECTED INSTANCES.
4. Below DETECTED INSTANCES you will see this You can double click this row for additional information & options>double click it>a box will appear>look to the RIGHT & U will see TROUBLESHOOT REPORT in BLUE writing under the heading TOOLBOX> click TroubleShoot Report & it will reveal some information in a box>highlight the information revealed from ---START--- to ---END--- & copy it (CTRL+C) then post it to the Forum (CTRL+V)

VERSION 3
This version does not have such an easy method to publish the path.

Open PSI>once open select Show Programs.
U will now see a page full of programme icons or a list.
Right click on the programme in error>select Show Details - that will open a box showing the path & version number of the offending file.
U now have 2 options:
1. Write down the exact file path & install version - return to the Forum & type that information.
2. Take a screen shot & publish that.

Last Reviewed 22:07 25/07/2013


--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro version 1809 Build 17763.404
16 GB RAM
IE & Edge Only
Was this reply relevant?
+0
-0
quadrinity RE: Insecure Adobe Flash + End of Life Firefox 20.x + Blaster Nachi
Member 30th Jul, 2013 03:52
Score: 0
Posts: 4
User Since: 29th Jul 2013
System Score: N/A
Location: CA
Maurice:

Here's the info on Flash:

C:\WINDOWS\system32\Macromed\Flash\Flash32_11_7_70 0_224.ocx

Any idea how I can removed the End of Life Firefox and Blaster/Nachi icons?

Thanks!



Was this reply relevant?
+0
-0
Maurice Joyce RE: Insecure Adobe Flash + End of Life Firefox 20.x + Blaster Nachi
Handling Contributor 30th Jul, 2013 10:37
Score: 12325
Posts: 9,575
User Since: 4th Jan 2009
System Score: N/A
Location: UK
I assume you are using PSI version 3.

THE IMPORTANT BIT - Before deleting the vulnerable file check these programmes are completely shut down (use the Task Manager if necessary (CTRL+SHIFT+ESC) to COMPLETELY EXIT these processes if running)):

a. All Browsers.
b. Windows Messenger.
c. Incredimail.
d. All Adobe Products.
e. Microsoft Skype & Plus! For Skype

Now do this:

Open PSI>once open select Show Programs.

U will now see a page full of programme icons or a list.

Right click on the icon that represents the programme in error>select Show Details - that will open a box showing the path & version number of the offending file.

Double click on C:\Windows\System32\Macromed\Flash\Flash32_11_7 _70 0_224.ocx, version 11.7.700.224

That will open Windows Explorer (File Explorer) & U will see that file. Right click on it & select delete.


Last Reviewed 09:24 30/07/2013


You do exactly the same procedure as above to remove the old Firefox.

Now run a full PSI scan & both problems should be resolved.

This gives more detail on Blaster/Nachi - as stated you can safely ignore it.

https://secunia.com/community/forum/thread/show/13...

I am not exactly sure what you mean by removing the icons. Once you remove the vulnerabilities they will disappear.




--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro version 1809 Build 17763.404
16 GB RAM
IE & Edge Only
Was this reply relevant?
+1
-0
quadrinity RE: Insecure Adobe Flash + End of Life Firefox 20.x + Blaster Nachi
Member 31st Jul, 2013 14:03
Score: 0
Posts: 4
User Since: 29th Jul 2013
System Score: N/A
Location: CA
I followed your instruction Maurice, and I still have Adobe Flash Player Activex 10.x Insecure and End of Life Microsot Blaster/Nachi under "programs that do not receive updates". I've tried to removed the Flash, but it claims to be a "read only" file and after scanning still appears under "programs that do not receive updates".
These 2 programs do not disappear from the listing of programs that Secunia scans and shows as updated.
I will just leave them as checked for no updates.
As long as the rest of my programs are up-to-date and leaves my Secunia at 100%, that's good enough for me.
Thanks again Maurice :)

P.A. The Sign in Box for this Icon is always at the bottom of my screen and I can only put in my name and password, It takes several minutes to log in. Can't the log in box appear in the centre of the screen - just a suggestion :)
Was this reply relevant?
+0
-0
Maurice Joyce RE: Insecure Adobe Flash + End of Life Firefox 20.x + Blaster Nachi
Handling Contributor 31st Jul, 2013 16:01
Score: 12325
Posts: 9,575
User Since: 4th Jan 2009
System Score: N/A
Location: UK
To ignore Blaster/Nachi is perfectly safe. PSI will continue to show it because it reads the programme meta data.

That is not the same for Adobe Flash. The 100% score Secunia have awarded you is a false positive (in my view a MAJOR programme bug) in that it allows users to create an ignore rule for any vulnerable programme & then indicates all is well with a 100% score.

What you do is entirely a personal matter but I personally would want to clear out Flash to a safe & stable state.

This can be done as follows:

Click this link & save it to desktop.

http://kb2.adobe.com/cps/141/tn_14157.html

Open the desktop link & check the procedure for clearing out Flash successfully. In stage 4 rather than open your browser run a full scan of PSI.

It should not report the presence of any Flash elements that use Active X.

If that is the case reinstall Flash from here:

http://get.adobe.com/flashplayer/?promoid=JZEFT

The latest Flash Files using ActiveX should look like this in Windows Explorer (File Explorer):

https://1ncuig.bn1.livefilestore.com/y2pk2kJovpaGS...

Hope this helps.

--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro version 1809 Build 17763.404
16 GB RAM
IE & Edge Only
Was this reply relevant?
+0
-0
quadrinity RE: Insecure Adobe Flash + End of Life Firefox 20.x + Blaster Nachi
Member 1st Aug, 2013 02:29
Score: 0
Posts: 4
User Since: 29th Jul 2013
System Score: N/A
Location: CA
Last edited on 1st Aug, 2013 02:30
Maurice:
Again I followed your instructions.
I re-booted my system - did another scan, and the Insecure Adobe Flash has now gone away!
Thank you for your time and patience.
:)

Was this reply relevant?
+0
-0

This thread has been marked as locked.