Woody Leonhard's no-bull news, tips and help for Windows, Office and more… Please disable your ad blocker – our (polite!) ads help keep AskWoody going!
Home icon Home icon Home icon Email icon RSS icon
  • Out of band update for Adobe Flash Player Nov. 19, 2018

    Home Forums AskWoody blog Out of band update for Adobe Flash Player Nov. 19, 2018

    This topic contains 35 replies, has 14 voices, and was last updated by  anonymous 1 week, 4 days ago.

    • Author
      Posts
    • #234746 Reply

      PKCano
      AskWoody MVP

      Adobe Security Bulletin APSB18-44, dated November 20, 2018 is rated Priority 1. Adobe has released security updates for Adobe Flash Player for Windows
      [See the full post at: Out of band update for Adobe Flash Player Nov. 19, 2018]

    • #234767 Reply

      Microfix
      AskWoody MVP

      This should not come under the MS-DEFCON rating as it’s priority 1 (critical) from Adobe.
      Flash Updates as per Susan’s Master Patch List are safe to install for this month.

      | W10 Pro x64 | W8.1 Pro x64 | Linux x64 Hybrids | XP Pro O/L
      2 users thanked author for this post.
      • #234808 Reply

        woody
        Da Boss

        Flash updates in general don’t fall under MS-DEFCON… although they do make me concerned about updating Win10.

        1 user thanked author for this post.
        • #234885 Reply

          Microfix
          AskWoody MVP

          Not sure why there is a concern over W10 updating in this instance, using the provided link to the Catalog won’t have issues with W10 and only ensure the security of flash player whether used or not.

          | W10 Pro x64 | W8.1 Pro x64 | Linux x64 Hybrids | XP Pro O/L
          1 user thanked author for this post.
    • #234768 Reply

      jescott418
      AskWoody Lounger

      I don’t use Flash except for one site the National Weather service has some maps that use Flash. Otherwise I learned long ago to let that technology go by the wayside.

    • #234765 Reply

      anonymous

      Thanks for the head’s up. When Adobe do a “out of band” release, you know its bad security hole thats needs plugging.

    • #234776 Reply

      bhen
      AskWoody Lounger

      It downloaded along with some other updates but didn’t install at first due to the logjam. Then I went to updates, clicked retry, and it installed in 15 seconds and that’s that.

      I guess this is today’s indicator that they’re not expanding their web of pushing 1809 today.

    • #234778 Reply

      Mr. Natural
      AskWoody Lounger

      Yes that is unusual and had not heard about this. Thanks much PKCano!

    • #234807 Reply

      wdburt1
      AskWoody Lounger

      I just updated to version .148 a few days ago.  I always avoid the auto updates and instead select “Notify me.”  Adobe is sloppy about that–no notification was received.

      I’d like to do without Flash altogether, as some have recommended, but a host of important web sites require it.  So long as Flash remains an important source of malware infections, this remains something that the tech world needs to work on, while it pushes us to focus on other things.

      • #235038 Reply

        anonymous

        Do you have it set where it is disabled (or click to run) on sites you don’t need it on? If so, I wouldn’t worry about it too much. Just make sure you trust the source on any site you do use it on.

        What I’m concerned about is what will happen to the vast library of Flash content that already exists. Even if you don’t have to worry about old stuff having new Flash exploits, you’ll probably need to use an older browser to access it.

    • #234813 Reply

      anonymous

      This might be unrelated but after installing the Flash update on a Windows 8.1 machine, every time time I clear internet explorer cookies manually I get three audit failures in succession.  This seems to happen on two Windows 8.1 machines.

      • #234905 Reply

        WildBill
        AskWoody Lounger

        You’re still using IE?! I’ve been on Firefox since before they upgraded to Quantum. I usually keep Flash deactivated but some sites still need it. The MSN Sports app defaults to IE when you go straight to most articles. If I right-click, then click “Open in browser”, the page is opened in Firefox on the Desktop.

        Windows 8.1, 64-bit, now in Group B!
        Wild Bill Rides Again...

        • #234917 Reply

          anonymous

          Not normally, but I do still install the Flash component in IE when they are released then open the browser to check that it installed and is still disabled as a cautionary measure.  I usually use Chrome, Firefox and Tor on occasion.

    • #234820 Reply

      PKCano
      AskWoody MVP

      The Adobe dot com link in the main blog post links to all versions of Flash Player for all OSs.

      2 users thanked author for this post.
    • #234847 Reply

      Lars220
      AskWoody Lounger
    • #234863 Reply

      anonymous

      Didn’t something similar happen around the same time last year where they released an out of bands Flash patch?

    • #234906 Reply

      David F
      AskWoody Lounger

      I dumped Flash near on a year ago and it’s never caused any problems. If I ever run into a website that insists I use a bug ridden piece of software (in security terms) like Flash then it’s a site I won’t be visiting.

      • #234907 Reply

        PKCano
        AskWoody MVP

        Even if you don’t use IE as your browser (ever), the system still uses it. If flash is installed on your computer and you do not keep it updated, you are still leaving your system vulnerable.

        • #234908 Reply

          David F
          AskWoody Lounger

          Yes, I did uninstall it at the time

          • This reply was modified 3 weeks, 6 days ago by  David F.
    • #234930 Reply

      anonymous

      That is not possible with Windows 8.x and W10. It’s part of the OS and cannot be removed.

    • #235037 Reply

      anonymous

      Forced a full Chrome update, and found one. It seems to have updated me to the latest Flash.

      • #235513 Reply

        rc primak
        AskWoody MVP

        All Chrome Browser needs is to navigate to chrome://components, find Adobe Flash Player, and hit the Update Component button. If there’s a PepperFlash update, it will be applied in a few seconds.

        Even Linux Chrome has this Component Update feature. Chromium Browser must be updated as a program update (the whole browser). In a Chromebook, just do a Check for Updates from Settings. Be advised, Chromium and ChromeOS may be a few days or even a week or two delayed in updating their Flash Player components.

        -- rc primak

        • This reply was modified 3 weeks, 2 days ago by  rc primak.
        1 user thanked author for this post.
    • #235106 Reply

      anonymous

      The problem for me now having had this installed behind-the-scenes, is that all of a sudden eBay, Amazon and other sites I have to use for my business suddenly stopped working, with error “err_ssl_bad_record_mac_alert” appearing in Chrome, and another generic error in Edge, but no problem in IE except it is not supported by many sites these days.

      Due to a problem uninstalling, I am now stuck with this, not having access to the sites I need to run my business.

      I had managed to successfully do a system restore once to prior to this update and it started working again, but then of course the update was reinstalled automatically today and both the system restore and the uninstall of the update both failed.

      Tried Microsoft support and they had trouble connecting remotely to my machine as this seemed to block them, and it also affected the Microsoft Support web site, so cannot access that site from my laptop where this happened. Now waiting for a Level 2 callback from MS support.

      Critical updates are all very well being rolled out as an emergency, but that is no good if it effectively bricks my machine. I would rather have control over when I try updates instead of them running silently and then seeing problems that takes a while to realise is caused by a silent update.

      • #235109 Reply

        PKCano
        AskWoody MVP

        What version of Win10 are you using.

        KB 4477029 should only affect IE11 and Edge. It should have no effect on Chrome which updates Flash Player separately, not through Windows patches.

        2 users thanked author for this post.
    • #235265 Reply

      anonymous

      Running Windows 10 Pro x64 v1803, Group A, Group Policy 2, Semi-Annual, Feature 365 days, Quality Updates 10 day delay.

      The November KB4467702 and MSRT came down today, but no Adobe KB4477029?
      Is this a manual install from the Catalogue only?

      • #235267 Reply

        PKCano
        AskWoody MVP

        I received KB4477029 through WU on my 1803. Try setting the Quality delay = 0. It hasn’t been 10 days since that patch was released. You can set it back after the install if it comes down through WU.

        • #236359 Reply

          anonymous

          OP here,

          OK so I just received a 2018-11 Security Update for Adobe Player for Windows 10 Version 1803 for x64 based systems, BUT the KB number is KB4467694.

          Has something changed/been updated?

          • #236362 Reply

            PKCano
            AskWoody MVP

            I don’t know when the last time your PC searched for updates, but KB4467029 has replaced KB4467694 on all the Win10 machines I have dealt with lately. Have you used wushowhide to see if it is available in WU?

    • #238957 Reply

      anonymous

      2018-12 Adobe Update KB4471331 released 12/4/2018 for Windows 10.

      OK to install?

      • #238959 Reply

        PKCano
        AskWoody MVP

        Yes on the Flash Player update for IE11. But hold off on the rest of the Nov. patches until Woody gives the go-ahead  with the DEFCON number

        1 user thanked author for this post.
        • #238969 Reply

          anonymous

          PK, techically this is a December patch.  Will November Defcon address this as it is now in my November que for Windows 10 1803?

          PS: Not sure why the “Reply” button doesnt work for me anymore? I highlight Reply, it opens the comment area, but won’t allow the cursor or any typing input.

          • #238972 Reply

            PKCano
            AskWoody MVP

            I have no idea what Woody will put in the DEFCON instructions. But the Flash patch for IE is an out-of-band fix for an exploit that I believe is in the wild. So install it if you like.

            But, I repeat,  hold off on the Nov. patches until Woody raises the DEFCON number and publishes the instructions for safe patching

            1 user thanked author for this post.
    • #238998 Reply

      Purg2
      AskWoody Lounger

      A few days ago in preparation for Nov.updates I checked for updates.  I did not install, only looking to see what would be offered.  4477029 was listed at the time.

      Today it seems to have been replaced by 4471331.

      I’m inclined to go with the latter unless advised to do them both.  Thoughts anyone?

      Win 8.1 Group B, Linux Dabbler

    • #239014 Reply

      anonymous

      ? says:

      thank you, Kirsty! i got your notice in your bug listings the other day and updated for the second time in less than a month. my event viewer reported  that “a service was installed,” which was the flash updater in the package down in system32/macromedia that i delete anyway since i manually uninstall and upgrade flash. be glad when that chore is unnecessary.

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Out of band update for Adobe Flash Player Nov. 19, 2018

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.

    Your information:


    Comments are closed.