flash player is hanging up in Ice. not sure if it’s flash or ice. there is definitely a vulnerability with flash. manager shows it still loaded well after closing the tab with flash and the container. why doesn’t ice close flash and the container when that tab closes? it’s also freezing, but that may not be ice and maybe related to that vulnerability?
well that was interesting. i didn’t go to a flash webpage, but one with no flash. browser starts freezing and checking manager shows flash in enabled and the container for it. it seems websites have discovered a vulnerability in flash and ice dragon? and exploiting it for their ads and popups?
i was told here previously of the vulnerability in mozilla…seems something ought to be done about it?
Are you sure plugincontainer was closed when you opened CID to open that web site? What web site where you visiting? I assume it is a regular web site. Please post the url with hxxp:// at the beginning instead of http://.
Can you try uninstalling Flash running Flash clean up tool and then reinstalling Flash?
Thank you for your reply.
Yes, the container was unloaded at time of webpage visit. I always keep manager opened.
I don’t feel proper giving the website it happened at. I did ask them about their using some script for it…(didn’t view webpage structure for such though).
I usually stream MSNBC most of the day and container would be enabled for that…so not sure if it happens at other sites, but didn’t notice it. I also tested to see if flash loaded without streaming and it loaded on that site…so it is something scripted prompting CID to load container.
As soon as i close container…flash items close and CID gives the notice of blocked along the top.
Encountered plenty of streaming sites with their pop ups, pop unders and those don’t really concern me so much, but loading container at visiting a webpage? Not sure about that.
Will run the flash cleaner.
I haven’t installed anything extra for ads and pop blocking. I mostly use CID for streaming news during the day and chess…so i didn’t feel much need to add plugs.
Is there a plug or something that might resist a webpage from loading flash, without what i would call, a proper reason for it?
Thanks for your response. I’ll do the flash cleaner and see if that does anything.
If you have any recommends on plugs and such? Would appreciate their names and i can check them out.
Thanks again[at]
I added capitals at the beginning of sentences for an easier read. Eric
I took the liberty of editing your post by adding capitals at the beginning of the sentences and making the abbreviations MSNBC and CID in caps for an easier read. It structures the sentences for easier skimming and reading.
What you are looking for is an option to enable plugins on demand. I’m not a Mozilla user (still op Opera 12.17) and could not immediately find an option or extension. There are several extensions that deal with plugins but I didn’t inquire them specifically.
Thank you, sir.
The only real use of Mozilla by me is pretty much through CID.
lol
I was always an Opera user too and it looks like your prefer the before model too?
Will do the clean and see what’s what with that. i’m not too concerned…just curious and wondering if i should be concerned. It seems they’re just trying to get past the blockers.
Thanks…i’ll still use CID.
tried the cleaner and install and it still loads. didn’t look at C3 structure, but looks a getaround.
thanks@
Guess this will be last update.
I tried opera 12.17 with the website and container did not load.
thanks for the helps@
Only the x64 of Opera 12.17 has a plugincontainer process; the x86 doesn’t. It’s called opera_plugin_wrapper.exe.
I have not read the thread or the OP; I never do on any board; I just begin to post to any thread where the title has ALL the information I need to know.
Flash is a plug-in component of Mozilla technology based browsers. Flash is an ActiveX component of Windows technology browsers. Ne’er the twain shall meet, i.e., each browser will update what is required. I feel that Flash auto-update updates the component necessary for the particular browser that’s defined as the system default-browser. I never use auto-update for anything; the root cause of too many issues to shake a stick at. For that reason I ensure that ‘notify updates available’ is always checked in any software I install.
Mozilla technology browsers will lock-out utilization of whatever version of Flash has been implemented by whatever Mozilla technology browser has been installed whenever the particular version of Flash has been deemed by the Powers that that version of Flash is vulnerable to security exploit. Once the Flash plug-in component of a Mozilla technology-based browser has been locked-out, the update add-on Flash component will be non-functional within the Mozilla technology based browser. The same is not true for browsers implementing Flash with ActiveX based-technology; update the Mozilla plug-in and the ActiveX is still deprecated - update the latter and the Mozilla plug-in is still locked-out.
Its strongly recommended to make a particular Mozilla technology-based browser the system default-browser; that will ensure that any Flash update notifications that are obtained at boot-time - that’s the only time I’ve ever seen Flash update notifications and usually manifest themselves after a BSOD - will be implemented. Nevertheless, if you’re using an ActiveX based-technology browser, and you’ve updated the Flash plug-in for the Mozilla technology-based browser of your choice, you will need to update the former manually by going to the Flash update website and downloading the installer recommended specifically for the specific browser session that’s active.
The foregoing notwithstanding, it may be of value for readers to know that Mozilla based-technology browsers implement session-containerization scheme that is manifested with ‘plug-in container’ image that executes as a child of the Mozilla techology-based browser. This propagated child-process must not be impeded in any way whatsoever; your Flash experience will be much less than desirable.
Whatever - if any - host intrusion protection application that has been implemented must understand that the ‘plug-in container’ process can, and will, be spawned at any time and must not be interfered with It will require the following group-policy access-rights:
Run executable:
%PROGRAMFILES%\Microsoft Silverlight\5.1.30514.0\agcp.exe
%SYSROOT32%\control.exe
%SYSROOT32%\dwwin.exe
%TEMP%{5B261F3B-CD4E-4DFE-B8E2-0C196154DDC4}\adobeshockwavextrabundle.exe
The first one is - obviously - MS Silverlight and clearly it and Flash talk to each other. That last one is dependent upon the enviro-variable $TEMP$ + a GUID the latter may be system specific.
interprocess memory access
%appstore%\icedragon.exe
%windir%\explorer.exe
Windows/WinEvent hooks
%SYSROOT32%\DINPUT8.dll
Windows messages
%appstore%\icedragon.exe
Protected COM interface
%SYSROOT32%\svchost.exe
%SYSROOT32%\Adobe\Shockwave 12\SwHelper_1218158.exe
Protected registry entries
HKUS\S-1-5-21-‘UID’\Software\Microsoft\Windows\CurrentVersion\RunOnce\FlashPlayerUpdate
HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates{ GUID }
HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates{ GUID } \Blob
Protected Files / Folders
%TEMP%\FAP?.tmp
%SYSROOT32%\Macromed\Flash\testUpdate.txt
%USR_LOCAL_APPDATA%\Microsoft\Silverlight\OutOfBrowser\index\res2.windows.microsoft.com
%USR_LOCAL_APPDATA%\Adobe\Shockwave Player 12\xtras\download\AdobeSystemsIncorporated\SWA\adobeshockwavextrabundle.exe
%TEMP%{5B261F3B-CD4E-4DFE-B8E2-0C196154DDC4}\adobeshockwavextrabundle.exe
DNS Client Service
Computer Monitor
Keyboard
To be excruciatingly clear: the ‘{ GUID }’ values cited above are most likely implementation specific, so they should be looked for but not ‘hard-coded’
The bottom line: ‘plugin-container.exe’ is invoked by Mozilla browser - as needed - and it runs and dies as needed. Its akin to a ‘woody’ or a ‘pup-tent’
That being said - and none of the foregoing notwithstanding -
Plugins are loaded separately from Firefox, allowing the main Firefox process to stay open if a plugin crashes. This article explains what ‘plugin-container’ process accomplishes…
[Excerpted: read entire article at https://support.mozilla.org…kb/what-is-plugin-containern…]
thanks for the tech. it was interesting reading.
sort of curious and think i’ll look at that website C-3 and see what they’ve done that triggers flash activation in CID. assume that was the purpose.
guess this thread is fini…thanks@