News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Out of band update for Adobe Flash Player Nov. 19, 2018

    Home Forums AskWoody blog Out of band update for Adobe Flash Player Nov. 19, 2018

    This topic contains 35 replies, has 14 voices, and was last updated by  anonymous 5 months, 2 weeks ago.

    • Author
      Posts
    • #234746 Reply

      PKCano
      Da Boss

      Adobe Security Bulletin APSB18-44, dated November 20, 2018 is rated Priority 1. Adobe has released security updates for Adobe Flash Player for Windows
      [See the full post at: Out of band update for Adobe Flash Player Nov. 19, 2018]

      12 users thanked author for this post.
    • #234767 Reply

      Microfix
      Da Boss

      This should not come under the MS-DEFCON rating as it’s priority 1 (critical) from Adobe.
      Flash Updates as per Susan’s Master Patch List are safe to install for this month.

      ********** Peng/Wins x86/x64 **********

      2 users thanked author for this post.
      • #234808 Reply

        woody
        Da Boss

        Flash updates in general don’t fall under MS-DEFCON… although they do make me concerned about updating Win10.

        1 user thanked author for this post.
        • #234885 Reply

          Microfix
          Da Boss

          Not sure why there is a concern over W10 updating in this instance, using the provided link to the Catalog won’t have issues with W10 and only ensure the security of flash player whether used or not.

          ********** Peng/Wins x86/x64 **********

          1 user thanked author for this post.
    • #234768 Reply

      John
      AskWoody Lounger

      I don’t use Flash except for one site the National Weather service has some maps that use Flash. Otherwise I learned long ago to let that technology go by the wayside.

    • #234765 Reply

      anonymous

      Thanks for the head’s up. When Adobe do a “out of band” release, you know its bad security hole thats needs plugging.

    • #234776 Reply

      bhen
      AskWoody Lounger

      It downloaded along with some other updates but didn’t install at first due to the logjam. Then I went to updates, clicked retry, and it installed in 15 seconds and that’s that.

      I guess this is today’s indicator that they’re not expanding their web of pushing 1809 today.

    • #234778 Reply

      Mr. Natural
      AskWoody Plus

      Yes that is unusual and had not heard about this. Thanks much PKCano!

      Red Ruffnsore reporting from the front lines.

    • #234807 Reply

      wdburt1
      AskWoody Plus

      I just updated to version .148 a few days ago.  I always avoid the auto updates and instead select “Notify me.”  Adobe is sloppy about that–no notification was received.

      I’d like to do without Flash altogether, as some have recommended, but a host of important web sites require it.  So long as Flash remains an important source of malware infections, this remains something that the tech world needs to work on, while it pushes us to focus on other things.

      • #235038 Reply

        anonymous

        Do you have it set where it is disabled (or click to run) on sites you don’t need it on? If so, I wouldn’t worry about it too much. Just make sure you trust the source on any site you do use it on.

        What I’m concerned about is what will happen to the vast library of Flash content that already exists. Even if you don’t have to worry about old stuff having new Flash exploits, you’ll probably need to use an older browser to access it.

    • #234813 Reply

      anonymous

      This might be unrelated but after installing the Flash update on a Windows 8.1 machine, every time time I clear internet explorer cookies manually I get three audit failures in succession.  This seems to happen on two Windows 8.1 machines.

      • #234905 Reply

        WildBill
        AskWoody Plus

        You’re still using IE?! I’ve been on Firefox since before they upgraded to Quantum. I usually keep Flash deactivated but some sites still need it. The MSN Sports app defaults to IE when you go straight to most articles. If I right-click, then click “Open in browser”, the page is opened in Firefox on the Desktop.

        Windows 8.1, 64-bit, now in Group B!
        Wild Bill Rides Again...

        • #234917 Reply

          anonymous

          Not normally, but I do still install the Flash component in IE when they are released then open the browser to check that it installed and is still disabled as a cautionary measure.  I usually use Chrome, Firefox and Tor on occasion.

    • #234820 Reply

      PKCano
      Da Boss

      The Adobe dot com link in the main blog post links to all versions of Flash Player for all OSs.

      2 users thanked author for this post.
    • #234847 Reply

      Lars220
      AskWoody Lounger

      Some useful links:

      Adobe Flash Player: Emergency Update to version 31.0.0.153

      EDITED duplicate links removed

    • #234863 Reply

      anonymous

      Didn’t something similar happen around the same time last year where they released an out of bands Flash patch?

    • #234906 Reply

      David F
      AskWoody Plus

      I dumped Flash near on a year ago and it’s never caused any problems. If I ever run into a website that insists I use a bug ridden piece of software (in security terms) like Flash then it’s a site I won’t be visiting.

      • #234907 Reply

        PKCano
        Da Boss

        Even if you don’t use IE as your browser (ever), the system still uses it. If flash is installed on your computer and you do not keep it updated, you are still leaving your system vulnerable.

        • #234908 Reply

          David F
          AskWoody Plus

          Yes, I did uninstall it at the time

    • #234930 Reply

      anonymous

      That is not possible with Windows 8.x and W10. It’s part of the OS and cannot be removed.

    • #235037 Reply

      anonymous

      Forced a full Chrome update, and found one. It seems to have updated me to the latest Flash.

      • #235513 Reply

        rc primak
        AskWoody_MVP

        All Chrome Browser needs is to navigate to chrome://components, find Adobe Flash Player, and hit the Update Component button. If there’s a PepperFlash update, it will be applied in a few seconds.

        Even Linux Chrome has this Component Update feature. Chromium Browser must be updated as a program update (the whole browser). In a Chromebook, just do a Check for Updates from Settings. Be advised, Chromium and ChromeOS may be a few days or even a week or two delayed in updating their Flash Player components.

        -- rc primak

        1 user thanked author for this post.
    • #235106 Reply

      anonymous

      The problem for me now having had this installed behind-the-scenes, is that all of a sudden eBay, Amazon and other sites I have to use for my business suddenly stopped working, with error “err_ssl_bad_record_mac_alert” appearing in Chrome, and another generic error in Edge, but no problem in IE except it is not supported by many sites these days.

      Due to a problem uninstalling, I am now stuck with this, not having access to the sites I need to run my business.

      I had managed to successfully do a system restore once to prior to this update and it started working again, but then of course the update was reinstalled automatically today and both the system restore and the uninstall of the update both failed.

      Tried Microsoft support and they had trouble connecting remotely to my machine as this seemed to block them, and it also affected the Microsoft Support web site, so cannot access that site from my laptop where this happened. Now waiting for a Level 2 callback from MS support.

      Critical updates are all very well being rolled out as an emergency, but that is no good if it effectively bricks my machine. I would rather have control over when I try updates instead of them running silently and then seeing problems that takes a while to realise is caused by a silent update.

      • #235109 Reply

        PKCano
        Da Boss

        What version of Win10 are you using.

        KB 4477029 should only affect IE11 and Edge. It should have no effect on Chrome which updates Flash Player separately, not through Windows patches.

        2 users thanked author for this post.
    • #235265 Reply

      anonymous

      Running Windows 10 Pro x64 v1803, Group A, Group Policy 2, Semi-Annual, Feature 365 days, Quality Updates 10 day delay.

      The November KB4467702 and MSRT came down today, but no Adobe KB4477029?
      Is this a manual install from the Catalogue only?

      • #235267 Reply

        PKCano
        Da Boss

        I received KB4477029 through WU on my 1803. Try setting the Quality delay = 0. It hasn’t been 10 days since that patch was released. You can set it back after the install if it comes down through WU.

        • #236359 Reply

          anonymous

          OP here,

          OK so I just received a 2018-11 Security Update for Adobe Player for Windows 10 Version 1803 for x64 based systems, BUT the KB number is KB4467694.

          Has something changed/been updated?

          • #236362 Reply

            PKCano
            Da Boss

            I don’t know when the last time your PC searched for updates, but KB4467029 has replaced KB4467694 on all the Win10 machines I have dealt with lately. Have you used wushowhide to see if it is available in WU?

    • #238957 Reply

      anonymous

      2018-12 Adobe Update KB4471331 released 12/4/2018 for Windows 10.

      OK to install?

      • #238959 Reply

        PKCano
        Da Boss

        Yes on the Flash Player update for IE11. But hold off on the rest of the Nov. patches until Woody gives the go-ahead  with the DEFCON number

        1 user thanked author for this post.
        • #238969 Reply

          anonymous

          PK, techically this is a December patch.  Will November Defcon address this as it is now in my November que for Windows 10 1803?

          PS: Not sure why the “Reply” button doesnt work for me anymore? I highlight Reply, it opens the comment area, but won’t allow the cursor or any typing input.

          • #238972 Reply

            PKCano
            Da Boss

            I have no idea what Woody will put in the DEFCON instructions. But the Flash patch for IE is an out-of-band fix for an exploit that I believe is in the wild. So install it if you like.

            But, I repeat,  hold off on the Nov. patches until Woody raises the DEFCON number and publishes the instructions for safe patching

            1 user thanked author for this post.
    • #238998 Reply

      Purg2
      AskWoody Lounger

      A few days ago in preparation for Nov.updates I checked for updates.  I did not install, only looking to see what would be offered.  4477029 was listed at the time.

      Today it seems to have been replaced by 4471331.

      I’m inclined to go with the latter unless advised to do them both.  Thoughts anyone?

      Win 8.1 Group B, Linux Dabbler

    • #239014 Reply

      anonymous

      ? says:

      thank you, Kirsty! i got your notice in your bug listings the other day and updated for the second time in less than a month. my event viewer reported  that “a service was installed,” which was the flash updater in the package down in system32/macromedia that i delete anyway since i manually uninstall and upgrade flash. be glad when that chore is unnecessary.

    Reply To: Out of band update for Adobe Flash Player Nov. 19, 2018

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.

    Your information: