Forum Thread: Adobe Flash CS4

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
PSI 2.0 Beta

This thread has been marked as locked.
ottchris-primary Adobe Flash CS4
Member 3rd Dec, 2010 03:59
Ranking: 5
Posts: 25
User Since: 19th Apr, 2008
System Score: N/A
Location: UK
The 'fix' that worked with the previous version PSI 2.0 Beta no longer works. PSI reports:

The version detected of Adobe Flash CS4 was 10.1.52.14 while the latest version including one or more security fixes is 10.1.102.64.

[Not sure where PSI gets 10.1.52.14 from; the executable flash.exe as listed in the "Detected Instances" path statement is 10.0.2.566]

The "Extra Information / Known Issues" pop-up advises:

Begin Quote

Rename the downloaded file to FlashPlayer.exe

Replace the old FlashPlayer.exe located in the "Players" folder in the Flash CS3 folder.

Rescan with the PSI and you should now be flagged as "patched"

End Quote

Even though they refer to "CS3" these instructions used to work for CS4 despite the fact that FlashPlayer.exe and Flash.exe are obviously not the same executable. This 'fix' no longer works, i.e. FlashPlayer.exe in my Flash CS4 Players folder *is* 10.1.102.64 and therefore patched according to the above but remains stubbornly marked insecure despite rescanning.

It used to be the case that although a Full Scan would always flag CS4 Flash.exe as insecure , rescanning the individual entry would change it to patched; illogical but that's the way it worked - or used to work.

It's about time PSI made up its mind which executable it was flagging as insecure and *patchable*.

Regards to All,

Chris

--
OS: Windows XP Pro SP3

ottchris-primary RE: Adobe Flash CS4
Member 9th Dec, 2010 04:25
Score: 5
Posts: 25
User Since: 19th Apr 2008
System Score: N/A
Location: UK
on 3rd Dec, 2010 03:59, ottchris-primary wrote:
The 'fix' that worked with the previous version PSI 2.0 Beta no longer works. PSI reports:

The version detected of Adobe Flash CS4 was 10.1.52.14 while the latest version including one or more security fixes is 10.1.102.64.

[Not sure where PSI gets 10.1.52.14 from; the executable flash.exe as listed in the "Detected Instances" path statement is 10.0.2.566]

The "Extra Information / Known Issues" pop-up advises:

Begin Quote

Rename the downloaded file to FlashPlayer.exe

Replace the old FlashPlayer.exe located in the "Players" folder in the Flash CS3 folder.

Rescan with the PSI and you should now be flagged as "patched"

End Quote

Even though they refer to "CS3" these instructions used to work for CS4 despite the fact that FlashPlayer.exe and Flash.exe are obviously not the same executable. This 'fix' no longer works, i.e. FlashPlayer.exe in my Flash CS4 Players folder *is* 10.1.102.64 and therefore patched according to the above but remains stubbornly marked insecure despite rescanning.

It used to be the case that although a Full Scan would always flag CS4 Flash.exe as insecure , rescanning the individual entry would change it to patched; illogical but that's the way it worked - or used to work.

It's about time PSI made up its mind which executable it was flagging as insecure and *patchable*.

Regards to All,

Chris


Secunia staff should note that my Flash CS4 experience is the opposite to the Flash CS3 experience as reported by Motty and commented on by me in the following Topic:
http://secunia.com/community/forum/thread/show/630...

I mention this as a possible reason why I am still waiting for a response after 6 days!

--
OS: Windows XP Pro SP3
Was this reply relevant?
+0
-0

This thread has been marked as locked.