Vulnerabilities in Adobe Flash Player (All Versions)

Vulnerabilities in Adobe Flash Player (All Versions)

If you will notice in the attached photo there are three files I have circled in red. They are end of life files and need to be deleted. Deleting them will not effect your Flash Player. You will find them in ever version of Flash Player. If you don’t see it go back later and check it because for some unknown reason Adobe keeps replacing them. There location is Computer/Local Disk C/Windows/System32/Macromed/Flash. They are Flash.ocx, Get Flash, Get Flash.exe.manifest. My version may be different from yours but these files will be in all versions. I am using Adobe Labs Flash Player version 10.1.51.95 beta 3 plug in for Windows. This version works with Comodo Dragon, Google Chrome, Opera, and Firefox.
http://labs.adobe.com/downloads/flashplayer10.html

This info courtesy of Secunia PSI

[attachment deleted by admin]

Well, i use flash player 10.1 beta 3.What about this version?

I use 9.0.115 plugin for Firefox 3.6, and only have the ocx file in the location you highlighted.

However, IE is blocked by my firewall, and Firefox does not read ActiveX by default.

This is same version I am running. If you will look in remove programs in Windows it will give you the full version number.

None of the browsers I mentioned above use ActiveX. But the near end of life files still need to be deleted because there is no update/patch for them.

9.0.115 is the same version as 10.0.45.2 plug in version and works on Firefox, Opera, Comodo Dragon, and Google Chrome.

Did anybody try to uninstall with Adobe’s Flash Uninstaller and then reinstalling the latest Flash? Currently not at my own computer so I cannot test myself.

EricJH

Those are the latest versions and when you first install flash player the near end of life files are not in the flash folder in most cases but after your online and run flash for a while they will appear in the flash folder like in the photo on the original post. This reappearance of these near end of life files will happen more than once. I sent Adobe an email a few months ago about this issue and this is the answer I received; No Comment

I was curious to the fact to whether these files would be removed by the uninstaller as a “quick and easy fix”.

Um exactly what’s so bad about these files? Anyways I’ve been using the latest version of the flashplayer plugin for firefox for a little over a week now and I checked the folder and I do not see any of those files you circled.

Funny thing is I do not see a Flash.ocx file instead I see Flash6.ocx so does that make any difference? But as for the other two files mentioned I do not see them.

Flash6.ocx is near end out life also. Thats ActiveX for Flash Player 6.

I don’t seem to have any of these, I do have Flash10e.ocx but that’s the only one that even favors any that you specified. ???

Thats one you need, don’t remove it.

I don’t need to look. if i know the version, right?:)) I’m just asking, if you know for some vulnerabilities in this version, please share your info.:slight_smile:

The vulnerability is the near end of life file Flash.ocx. or Flash6.ocx or Flash7.ocx ActiveX and could allow remote code execution

More info here on all vulnerabilities in Adobe Flash Player.

I had a look and I don’t have any of them (see screenshot)
I did an Everything search and found nothing
I use FireFox and Opera myself but IE is not blocked in any way (I even auto update)
I have only ever updated Flash, nothing else.

You mention Secunia PSI, did you run a Secunia scan and it informed you of the End of Life files ?
I have scanned with Secunia PSI once a week for over a year and it has never found these files.

All the best, woz of oz

[attachment deleted by admin]

+1

IIRC (which I did :stuck_out_tongue:), those files are installed by a new install or reformat of certain XP (SP’s). During a couple of my past reformats, I had to manually remove them. They are legacy Flash files that somehow Microsoft had KB updates on. I think they were Macromedia back then.

Yes Secunia PSI detected the files.

Please do not double post; there was no need to post the same answer consecutively twice.

Windows XP doesn’t seem to have the problem with this since the MS updates. I had this issue when I was running Vista and now on Windows 7.