Welcome to WebmasterWorld Guest from 34.229.24.100

Forum Moderators: open

Message Too Old, No Replies

Adobe Flash Critical Vulnerability for Windows, Mac, and Linux

     
11:36 am on Jul 13, 2015 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month

joined:May 9, 2000
posts:26177
votes: 960


This new exploit was reported only on Friday, so don't get it confused with the patch released last Wednesday. Adobe is to release another patch this week.

Critical vulnerabilities (CVE-2015-5122, CVE-2015-5123) have been identified in Adobe Flash Player 18.0.0.204 and earlier versions for Windows, Macintosh and Linux. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system.

Adobe is aware of reports that exploits targeting these vulnerabilities have been published publicly. Adobe expects to make updates available during the week of July 12, 2015. Adobe Flash Critical Vulnerability for Windows, Mac, and Linux [helpx.adobe.com]
1:54 am on July 14, 2015 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member keyplyr is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Sept 26, 2001
posts:12913
votes: 893


The Adobe site offers the update now.

Watch out for the sneaky McAfee inclusion :)
11:26 am on July 14, 2015 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month

joined:May 9, 2000
posts:26177
votes: 960


Yes, the sneaky download already checked is annoying.

Also, this probably worth noting Mozilla Firefox Now Blocking Flash By Default [webmasterworld.com]
11:43 am on July 14, 2015 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member keyplyr is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Sept 26, 2001
posts:12913
votes: 893


Yeah, saw a pink alert that Firefox disabled the "vulnerable" Adobe Flash plugin when I visited a site that uses flash.

Looked in the plugin panel and sure enough it was set to "Ask to Activate" and pinked out (along with a couple Java plugins) even though the last update was yesterday when I got the fix.

Following the "more" link under Adobe Flash, I see there's a checked box for "enable safe mode." Don't know if I should leave it checked or not. Guess I'll see if keeping it checked interferes with anything.
11:52 am on July 14, 2015 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 29, 2005
posts:9889
votes: 967


On sites where I allow flash, Firefox is checking to see if the flash plugin is up to date. Did what it was supposed to do, last Wednesday and just now. (I listen to a lot of internet radio for news and amusement).
11:56 am on July 14, 2015 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member keyplyr is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Sept 26, 2001
posts:12913
votes: 893


Well I beat Firefox to it and did the update manually :)
2:02 pm on July 15, 2015 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month

joined:May 9, 2000
posts:26177
votes: 960


For anyone that wants to read the Adobe Security bulletin which details all the versions affected. [helpx.adobe.com...]
6:11 pm on July 21, 2015 (gmt 0)

Preferred Member

10+ Year Member Top Contributors Of The Month

joined:July 23, 2004
posts:587
votes: 97


heh .. Lower priority on a Linux build older than the one I have.

My build wasn't even mentioned and yet here goes Mozilla, blanket blocking everything under the sun.

Guess that's become the new norm?

At any rate .. I allowed access for each instance, and in order to keep Flash working on the pages I visited, all I had to do was bookmark them, upon which after, Flash always played and I never got the notice.