General :  K-Meleon Web Browser Forum
General discussion about K-Meleon 
Flash Zero Day Exploit
Posted by: ndebord
Date: June 06, 2010 01:15PM

Adobe says this new exploit can allow a hacker to take over your computer if you click on a flash video (or Reader pdf) from a compromised website.

http://www.computerworld.com/s/article/9177705/Update_Attackers_exploit_critical_bug_in_Adobe_s_Flash_Reader?taxonomyId=85

http://labs.adobe.com/downloads/flashplayer10.html#flashplayer10

N

Re: Flash Zero Day Exploit
Posted by: JohnHell
Date: June 06, 2010 02:47PM

This is getting odder and odder...

But using an RC version is not a good solution. I think I'll wait for a final before a new zero day bug is discovered in that RC.

Re: Flash Zero Day Exploit
Posted by: ndebord
Date: June 06, 2010 03:09PM

Quote
JohnHell
This is getting odder and odder...

But using an RC version is not a good solution. I think I'll wait for a final before a new zero day bug is discovered in that RC.

John,

That is one way to go, but for myself, I went for the RC, but am using flashblock all the time and just skipping the impulse to run flash videos until this thing gets sorted out.

N

Re: Flash Zero Day Exploit
Posted by: Fred
Date: June 06, 2010 03:25PM

I prefer using the release candidate temporarily,
version number 10.1.53.64 (Shockwave Flash 10.1 r53),
it seems anyhow to be safer than the old version,
which is confirmed to be vulnerable.
First of all it seems to be advisable to use
a different pdf reader.

Fred

Re: Flash Zero Day Exploit
Posted by: ndebord
Date: June 06, 2010 03:38PM

Quote
Fred
I prefer using the release candidate temporarily,
version number 10.1.53.64 (Shockwave Flash 10.1 r53),
it seems anyhow to be safer than the old version,
which is confirmed to be vulnerable.
First of all it seems to be advisable to use
a different pdf reader.

Fred

Fred,

Yes, the release candidate for now and when the last round of Adobe vulnerabilities hit, I switched over to Foxit Reader, now running its latest (I believe) 3.3.1.0518

N



Edited 1 time(s). Last edit at 06/06/2010 03:38PM by ndebord.

Re: Flash Zero Day Exploit
Posted by: siria
Date: June 06, 2010 05:30PM

I was rather surprised when I recently discovered (at my job, no choice of alternatives) that Adobe Reader isn't just a static text-and-images program! That thing is actually much the same as a browser, it uses *javascript*, all sorts of interactive stuff, even plays flash videos - crazy! :O Who really needs that in a pdf?? I for one have never come across such a multimedia pdf, or didn't notice it.
And when googling around for security stuff the other day, learned to my surprise that PDFs actually are today the No.1 transmitters of malware, more infections by PDFs than by websites :O
No wonder, if by default all that idiotic multimedia stuff is enabled, that the PDF-Reader is just as vulnerable as a browser that keeps all doors wide open :mad:
But just like in browsers one can disable most of that stuff simply in the Reader options. But hardly anyone has a clue about this, I for one have never seen it mentioned in one of all those security warnings in the last years.
So if you don't need either javascript and videos in a PDF, and are forced to use Adobe Reader at the workplace, turn all that stuff off and voila, most of the malware doors are closed :mad: Not all of course, but most, and just like in browsers, I prefer to keep the blocks and shields up, great experiences with that :cool:

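An added example, not part of any post in this thread: a first-pass check that shows whether a PDF declares the JavaScript, auto-run or embedded-multimedia features the post above suggests turning off in the reader. The name list, function names and the two sample documents are constructed for illustration.

```python
import re
from collections import Counter

# PDF name objects that signal active or embedded content, i.e. the
# features the post above suggests switching off in the reader.
ACTIVE_NAMES = {
    "JavaScript": "script action",
    "JS": "script source",
    "OpenAction": "action run when the document opens",
    "AA": "additional automatic actions",
    "Launch": "starts an external program",
    "RichMedia": "embedded Flash or other multimedia",
    "EmbeddedFile": "attached file",
}

# A PDF name is "/" followed by anything except whitespace and delimiters.
NAME_RE = re.compile(rb"/([^\x00\t\n\x0c\r ()<>\[\]{}/%]+)")
HEX_RE = re.compile(rb"#([0-9A-Fa-f]{2})")


def decode_name(raw: bytes) -> str:
    """Undo #XX escapes so that /J#61vaScript is read as /JavaScript."""
    plain = HEX_RE.sub(lambda m: bytes([int(m.group(1), 16)]), raw)
    return plain.decode("latin-1")


def triage_pdf(data: bytes) -> Counter:
    """Count active-content names in raw PDF bytes.

    Names hidden inside compressed object streams are not seen; this is a
    first-pass check, not a full parser.
    """
    hits = Counter()
    for match in NAME_RE.finditer(data):
        name = decode_name(match.group(1))
        if name in ACTIVE_NAMES:
            hits[name] += 1
    return hits


# Constructed sample documents (not real files, not from the thread).
SAMPLE_ACTIVE = (
    b"%PDF-1.7\n"
    b"1 0 obj\n<< /Type /Catalog /Pages 2 0 R /OpenAction 3 0 R >>\nendobj\n"
    b"3 0 obj\n<< /S /J#61vaScript /JS (app.alert\\(1\\);) >>\nendobj\n"
    b"4 0 obj\n<< /Type /Annot /Subtype /RichMedia >>\nendobj\n"
    b"%%EOF\n"
)
SAMPLE_PLAIN = b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n%%EOF\n"

if __name__ == "__main__":
    for label, doc in (("active", SAMPLE_ACTIVE), ("plain", SAMPLE_PLAIN)):
        found = triage_pdf(doc)
        print(label, "-> clean" if not found else "")
        for name, count in sorted(found.items()):
            print(f"  /{name} x{count}: {ACTIVE_NAMES[name]}")
```

A document with no hits can still be unsafe to open in a vulnerable reader; the check only shows which of these features a file asks the reader to use.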
Re: Flash Zero Day Exploit
Posted by: snuz2
Date: June 06, 2010 07:44PM

I remove almost all of the Reader plugins to not only get rid of unneeded functionality but also way speed up the load time. I'm using W98 so I get that speedup when I display pdf, not at load time. Foxit doesn't work consistently in 98.

Re: Flash Zero Day Exploit
Posted by: JohnHell
Date: June 08, 2010 05:57PM

Quote
ndebord
Quote
JohnHell
This is getting odder and odder...

But using an RC version is not a good solution. I think I'll wait for a final before a new zero day bug is discovered in that RC.

John,

That is one way to go, but for myself, I went for the RC, but am using flashblock all the time and just skipping the impulse to run flash videos until this thing gets sorted out.

What did I say?

http://www.computerworld.com/s/article/9177811/Adobe_delays_Reader_patch_as_attacks_spread_exploit_code_goes_public?source=rss_security

The best is where it says...:

"Two patches within three weeks would have incurred too much churn[...]"

Even if the delay is not strictly because of Flash, there you go. In other words, releasing a patch very quickly has collateral effects.

Re: Flash Zero Day Exploit
Posted by: 4td8s
Date: June 09, 2010 12:07AM

Quote
ndebord
Quote
JohnHell
This is getting odder and odder...

But using an RC version is not a good solution. I think I'll wait for a final before a new zero day bug is discovered in that RC.

John,

That is one way to go, but for myself, I went for the RC, but am using flashblock all the time and just skipping the impulse to run flash videos until this thing gets sorted out.

ndebord & JohnHell:

if you read that Adobe security bulletin again today:
http://www.adobe.com/support/security/advisories/apsa10-01.html

part of it says in the Summary section:

Quote

We are in the process of finalizing a fix for the issue, and expect to provide an update for Flash Player 10.x for Windows, Macintosh, and Linux by June 10, 2010.

so there will be a fix for Flash Player 10.0 coming this Thursday June 10 (or Friday June 11 for those living in far away time zones).

Flash Player 10.1 is almost ready to be finalized soon, so I can just remove the 10.1 RC release I had and get ready to install the final version of 10.1. should be due out later this month (hey, it's within first half of 2010 as Adobe had planned all along)

Re: Flash Zero Day Exploit
Posted by: 4td8s
Date: June 09, 2010 12:08AM

Quote
snuz2
I remove almost all of the Reader plugins to not only get rid of unneeded functionality but also way speed up the load time. I'm using W98 so I get that speedup when I display pdf, not at load time. Foxit doesn't work consistently in 98.

what version of foxit reader are you using under win98, snuz2?

Re: Flash Zero Day Exploit
Posted by: 4td8s
Date: June 10, 2010 10:28PM

Quote
Fred
I prefer using the release candidate temporarily,
version number 10.1.53.64 (Shockwave Flash 10.1 r53),
it seems anyhow to be safer than the old version,
which is confirmed to be vulnerable.
First of all it seems to be advisable to use
a different pdf reader.

Fred

this is no longer an RC release, Fred. Flash Player 10.1.53.64 is now a final release.

Adobe security bulletin APSB10-14 now posted-
http://www.adobe.com/support/security/bulletins/apsb10-14.html



Edited 1 time(s). Last edit at 06/10/2010 10:29PM by 4td8s.

Re: Flash Zero Day Exploit
Posted by: disrupted
Date: June 11, 2010 11:22AM

hexed version (saves flash as tmp) updated to 10.1.53.64. available from plugins page or within flashswitcher extension
kmext.sf.net/ext5.htm (switcher)
kmext.sf.net/mplug.htm (standalone plugin)

extract npswf32.dll directly in kmeleon\plugins folder

new plugin has ballooned to more than 5mb..one plugin the size of kmeleon setup, absurd

Re: Flash Zero Day Exploit
Posted by: soccerfan
Date: June 11, 2010 12:15PM

Thanks for staying on top of this flash fiasco disrupted. Go messi.ah :)

soccerfan

Re: Flash Zero Day Exploit
Posted by: ndebord
Date: June 11, 2010 01:58PM

Quote
disrupted
hexed version (saves flash as tmp) updated to 10.1.53.64. available from plugins page or within flashswitcher extension
kmext.sf.net/ext5.htm (switcher)
kmext.sf.net/mplug.htm (standalone plugin)

extract npswf32.dll directly in kmeleon\plugins folder

new plugin has ballooned to more than 5mb..one plugin the size of kmeleon setup, absurd

Disrupted,

Thanks once again for a very nice hexed Flash.... by the next release it will probably double in size once again!

N

Re: Flash Zero Day Exploit
Posted by: slayer
Date: June 11, 2010 07:13PM

Hi disrupted, I can't see any video with the new plugin, the box of no plugin installed appears. Do I need to reboot the system?

Re: Flash Zero Day Exploit
Posted by: disrupted
Date: June 11, 2010 07:37PM

it could be that that latest version doesn't really work on 9x like previous versions did. i never had chance to test it on 98.. i'll check it out on 98 but for now, use the previous version:

NPSWF32-10.0.45.2.zip

kmext.sf.net/mplugs/NPSWF32-10.0.45.2.zip
kmext.sf.net/mplugs/

:D soccer, i think to a lot of fans he is the messiah



Edited 1 time(s). Last edit at 06/11/2010 07:39PM by disrupted.

Re: Flash Zero Day Exploit
Posted by: slayer
Date: June 11, 2010 09:08PM

Thanks, the NPSWF32-10.0.45.2 works as always.




BTW, where are you from disrupted?
Watching Messi tomorrow?

Re: Flash Zero Day Exploit
Posted by: Fred
Date: June 12, 2010 01:17AM

For Windows 98/95 Flashplayer 9 seems to have been
upgraded.
The former version was 9r262 and the newer version
is 9r277.
Look for "Flash for other systems" and select "for
other browsers" (Firefox etc).
Flashplayer 9 (Linux) is also the choice for Linux distros
with libc < than version 2.4, where Flash 10 does not
work.

Fred

Re: Flash Zero Day Exploit
Posted by: disrupted
Date: June 12, 2010 11:22AM

i tested latest 10 on 98 and it doesn't work at all, think it's the compiler..it's not recognised by 98. i downloaded latest flash9 .277 and hexed it to enable saving flash tmps and tested with fla saver but i'm not sure what is better for 9x..since some sites may block content from flash9 and flash 10 has that exploit..so it's up to the user to choose what's best

hexed flash9 plugin is now available on mplugs
http://kmext.sf.net/mplugs
http://kmext.sourceforge.net/mplugs/NPSWF32-9.0.277.0.zip

flashswitcher extension has been updated to use the latest hexed flash 9 as well

the mplug page has also been updated with 3 flash versions:
http://kmext.sf.net/mplug.htm
latest flash 10 for nt
previous flash 10 for 9x
latest flash9 for 9x

slayer, you don't have to be an argentine to support what you think is the best team :) i like the game but not really from a nationalistic perspective, i guess i should support greece(or perhaps england) but to be honest, i don't believe they have much chance against argentina or reaching semi-finals..they say their strongest advantage is their height but that's not enough in football, half of them look like they belong to a handball team and not footballers :D.. if i was a gambler, my money would be on argentina to win that group and the tournament. i'll try to catch most matches when i could but i'll definitely do me best to watch all of spain's, argentina and brazil matches.. now must go watch korea vs greece, may the best team win


Re: Flash Zero Day Exploit
Posted by: snuz2
Date: June 13, 2010 09:05AM

@4td8s

I haven't tried Foxit for a few years now, but I think that the version 1 almost worked, especially without gdiplus.dll. Version 2 was a total disaster. They were quick and simple though...if I remember correctly, from msfn discussions, like Flash 10 they work on some W98, and don't work on others.

If you think there is a stable foxit now, I'd try it again...I use 98SE with 95Explorer. No KernelX.



Edited 1 time(s). Last edit at 06/13/2010 07:43PM by snuz2.

Re: Flash Zero Day Exploit
Posted by: slayer
Date: June 13, 2010 08:53PM

In the MSFN forum they know that the last release of Flash doesn't work with win98, so the KernelEx author will try to make an update soon.

I'm using an old version of Foxit, I downloaded it from http://www.oldapps.com/old_version_Foxit_Reader.php

Re: Flash Zero Day Exploit
Posted by: 4td8s
Date: June 14, 2010 03:44PM

Quote
Fred
For Windows 98/95 Flashplayer 9 seems to have been
upgraded.
The former version was 9r262 and the newer version
is 9r277.
Look for "Flash for other systems" and select "for
other browsers" (Firefox etc).
Flashplayer 9 (Linux) is also the choice for Linux distros
with libc < than version 2.4, where Flash 10 does not
work.

Fred

um, Flash Player 9.0.277 is for Win98/ME only and NOT for Win95, Fred.
Flash Player 7 is the latest one supported under Win95/NT4.



Edited 1 time(s). Last edit at 06/15/2010 01:07AM by 4td8s.

Re: Flash Zero Day Exploit
Posted by: 4td8s
Date: June 14, 2010 03:48PM

Quote
snuz2
@4td8s

If you think there is a stable foxit now, I'd try it again...I use 98SE with 95Explorer. No KernelX.

I've downloaded and installed Foxit Reader 2.3 build 4015 on my relative's Win98se computer and it ran just fine w/out KernelEx. I know for sure the 3.x versions and greater of Foxit won't work under win9x oses but at least v2.3 does though the 2.x versions won't run under Win95. Foxit Reader 1.3 is the last one that does work under Win95 as I've checked myself a few years ago.



Edited 1 time(s). Last edit at 06/14/2010 03:49PM by 4td8s.

Re: Flash Zero Day Exploit
Posted by: slayer
Date: June 14, 2010 09:28PM

Quote
4td8s
of course, Flash Player 10 doesn't work under Win98/ME, slayer. It's not designed for it and requires minimum of Win2000. read this.
I don't understand you, because I'm using flash 10 at the moment, just not the last one. I have the kernelEx installed.

Re: Flash Zero Day Exploit
Posted by: disrupted
Date: June 14, 2010 11:23PM

yes, officially flash10 was never supported by 9x and only flash 9 but...

i can also use the previous flash 10 on 98se without problems but i don't have kernelx and if i remember correctly siria couldn't make that version work on 98 and siria has kernelx installed so it's not related to kernelx .. it's probably related to some windows 98 official update that exists on both our computers but not on siria's.. that will be very hard to pinpoint.

however even when it didn't work on siria's computer, kmeleon or rather the system still recognised the plugin and it was displayed in about:plugins etc..it only didn't function in rendering flash.

the latest flash 10 is different, it's not recognised by the system and kmeleon can't see it as a plugin.. it's probably unicode compiled which technically ends support for 9x even if you have kernelx installed..as a library not an exe it won't run from the non-unicode kmeleon. this can also be indicated by the big increase in size..previous flash10 updates increased by a few kb..hardly more than 200kb but that one was double size so it isn't just about patching the exploit

Re: Flash Zero Day Exploit
Posted by: 4td8s
Date: June 15, 2010 01:08AM

Quote
slayer
Quote
4td8s
of course, Flash Player 10 doesn't work under Win98/ME, slayer. It's not designed for it and requires minimum of Win2000. read this.
I don't understand you, because I'm using flash 10 at the moment, just not the last one. I have the kernelEx installed.

I think I should have said Flash 10.1, slayer. sorry for the confusion.
Flash Player 10.1 doesn't work under win9x/me at all. anyway, v10.1 wasn't meant to be used on those old oses. but Flash 10.0 w/ KernelEx under win98/me may be ok.

btw, slayer, what version of Foxit do you have on your win98 computer. Foxit Reader v2.3 build 4015 seemed to run okay on my relative's 98se machine (gdiplus.dll file installed of course).



Edited 1 time(s). Last edit at 06/15/2010 01:10AM by 4td8s.

Re: Flash Zero Day Exploit
Posted by: slayer
Date: June 15, 2010 01:28AM

We will see if the next KernelEx can handle this new bloated Flash 10.1
I have this version of Foxit:
Foxit Reader Version 2.1 Build 2023
I have tried other pdf readers too like Sumatra (very small) and PDF-XChange (big but powerful). I could not find a perfect free viewer yet.

Re: Flash Zero Day Exploit
Posted by: snuz2
Date: June 15, 2010 07:49AM

my experience with the old Flash 10 is identical to siria's. I can install it but it doesn't render anything. Some think the problem is video driver / hardware related rather than W98.

I will give the Foxit 2.3 a try. I think that's the same version that didn't work before. It was fast and compact, ran fine some of the time and huge crashes every once in a while.

I can't unpack the plugin - anyone have it unpacked? or in some normal format? :)



Edited 1 time(s). Last edit at 06/15/2010 08:08AM by snuz2.

Re: Flash Zero Day Exploit
Posted by: siria
Date: June 15, 2010 07:19PM

Ah great, just had a bluescreen again because I just wanted to start Foxit to check the version :mad: Even though it's the old version 2.2. that *officially* worked in win98! But my memory was at its limits already, so not really a surprise. Usually that thing works more or less, just very often tends to freeze, same as for snuz. So Sumatra is my main reader, although really extremely primitive, oh well.

Haven't tried the new flash yet, just wanted to mention that Kernel-Ex runs in 2 modes, by default OFF or by default ON. Mine is OFF, so not sure if it has much influence on flash. Some 2-3 months ago I had tried the ON-version, well possible to test flash10, can't remember for sure but at any rate it didn't help a thing.
May very well be a hardware/driver thing, who knows!

I did pull the last MS window updates for win98se quite awhile ago, especially stuff like MS unicode support etc., but not each and every update that I judged not to need (like IE 6 :P)
Well, this doesn't help much, sorry, just for the record since my box was mentioned so often, LOL! ;-)

Re: Flash Zero Day Exploit
Posted by: Fred
Date: June 15, 2010 08:59PM

For flashplayer 9.0.277.0 for Linux here the download address,
because it's hard to find :

from the site : http://www.adobe.com/support/flashplayer/downloads.html
download "Linux Flash Player 9 Plugin content debugger"
or the direct link :
http://download.macromedia.com/pub/flashplayer/updaters/9/flashplayer_9_plugin_debug.tar.gz

Flashplayer 9 in Linux is only necessary for distros with libc version < 2.4 .

If Flashplayer 10 does not work, watch if liblcms.so.1 is present in
/usr/lib/ , if it is not you can add it.
It is for example in
liblcms1_1.18.dfsg-1ubuntu1_i386.deb
for Ubuntu and its derivatives, or in
liblcms1_1.17.dfsg-1+lenny2_i386.deb
for Debian.
If you should want liblcms.so.1 alone, you can unpack the .deb
using the program "alien" to make a tar.gz with the command
alien -tc FILE
and unpack then the tar.gz package.
For distros using .rpm packages,
look here :
http://rpm.pbone.net/index.php3/stat/3/srodzaj/1/search/liblcms.so.1
Alien would also unpack .rpm's.

Fred
