News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Out of band update for Adobe Flash Player Nov. 19, 2018

    Home Forums AskWoody blog Out of band update for Adobe Flash Player Nov. 19, 2018

    Viewing 18 reply threads
    • Author
      Posts
      • #234746 Reply
        PKCano
        Da Boss

        Adobe Security Bulletin APSB18-44, dated November 20, 2018 is rated Priority 1. Adobe has released security updates for Adobe Flash Player for Windows
        [See the full post at: Out of band update for Adobe Flash Player Nov. 19, 2018]

        12 users thanked author for this post.
      • #234767 Reply
        Microfix
        AskWoody MVP

        This should not come under the MS-DEFCON rating as it’s priority 1 (critical) from Adobe.
        Flash Updates as per Susan’s Master Patch List are safe to install for this month.

        | Win8.1 Pro x64 | Linux Hybrids x86/x64 | Win7 Pro x86/x64 Offline |
        2 users thanked author for this post.
        • #234808 Reply
          woody
          Da Boss

          Flash updates in general don’t fall under MS-DEFCON… although they do make me concerned about updating Win10.

          1 user thanked author for this post.
          • #234885 Reply
            Microfix
            AskWoody MVP

            Not sure why there is a concern over W10 updating in this instance, using the provided link to the Catalog won’t have issues with W10 and only ensure the security of flash player whether used or not.

            | Win8.1 Pro x64 | Linux Hybrids x86/x64 | Win7 Pro x86/x64 Offline |
            1 user thanked author for this post.
      • #234768 Reply
        John
        AskWoody Lounger

        I don’t use Flash except for one site the National Weather service has some maps that use Flash. Otherwise I learned long ago to let that technology go by the wayside.

      • #234765 Reply
        anonymous
        Guest

        Thanks for the head’s up. When Adobe do a “out of band” release, you know its bad security hole thats needs plugging.

      • #234776 Reply
        bhen
        AskWoody Lounger

        It downloaded along with some other updates but didn’t install at first due to the logjam. Then I went to updates, clicked retry, and it installed in 15 seconds and that’s that.

        I guess this is today’s indicator that they’re not expanding their web of pushing 1809 today.

      • #234778 Reply
        Mr. Natural
        AskWoody Plus

        Yes that is unusual and had not heard about this. Thanks much PKCano!

        Red Ruffnsore reporting from the front lines.

      • #234807 Reply
        wdburt1
        AskWoody Plus

        I just updated to version .148 a few days ago.  I always avoid the auto updates and instead select “Notify me.”  Adobe is sloppy about that–no notification was received.

        I’d like to do without Flash altogether, as some have recommended, but a host of important web sites require it.  So long as Flash remains an important source of malware infections, this remains something that the tech world needs to work on, while it pushes us to focus on other things.

        • #235038 Reply
          anonymous
          Guest

          Do you have it set where it is disabled (or click to run) on sites you don’t need it on? If so, I wouldn’t worry about it too much. Just make sure you trust the source on any site you do use it on.

          What I’m concerned about is what will happen to the vast library of Flash content that already exists. Even if you don’t have to worry about old stuff having new Flash exploits, you’ll probably need to use an older browser to access it.

      • #234813 Reply
        anonymous
        Guest

        This might be unrelated but after installing the Flash update on a Windows 8.1 machine, every time time I clear internet explorer cookies manually I get three audit failures in succession.  This seems to happen on two Windows 8.1 machines.

        • #234905 Reply
          WildBill
          AskWoody Plus

          You’re still using IE?! I’ve been on Firefox since before they upgraded to Quantum. I usually keep Flash deactivated but some sites still need it. The MSN Sports app defaults to IE when you go straight to most articles. If I right-click, then click “Open in browser”, the page is opened in Firefox on the Desktop.

          Windows 8.1, 64-bit, back in Group A... & leaning toward Windows 10 V2004. As long as it's a Lot Less Buggy!
          Wild Bill Rides Again...

          • #234917 Reply
            anonymous
            Guest

            Not normally, but I do still install the Flash component in IE when they are released then open the browser to check that it installed and is still disabled as a cautionary measure.  I usually use Chrome, Firefox and Tor on occasion.

      • #234820 Reply
        PKCano
        Da Boss

        The Adobe dot com link in the main blog post links to all versions of Flash Player for all OSs.

        2 users thanked author for this post.
      • #234847 Reply
        Lars220
        AskWoody Lounger

        Some useful links:

        Adobe Flash Player: Emergency Update to version 31.0.0.153

        EDITED duplicate links removed

      • #234863 Reply
        anonymous
        Guest

        Didn’t something similar happen around the same time last year where they released an out of bands Flash patch?

      • #234906 Reply
        David F
        AskWoody Plus

        I dumped Flash near on a year ago and it’s never caused any problems. If I ever run into a website that insists I use a bug ridden piece of software (in security terms) like Flash then it’s a site I won’t be visiting.

        • #234907 Reply
          PKCano
          Da Boss

          Even if you don’t use IE as your browser (ever), the system still uses it. If flash is installed on your computer and you do not keep it updated, you are still leaving your system vulnerable.

          • #234908 Reply
            David F
            AskWoody Plus

            Yes, I did uninstall it at the time

      • #234930 Reply
        anonymous
        Guest

        That is not possible with Windows 8.x and W10. It’s part of the OS and cannot be removed.

      • #235037 Reply
        anonymous
        Guest

        Forced a full Chrome update, and found one. It seems to have updated me to the latest Flash.

        • #235513 Reply
          rc primak
          AskWoody_MVP

          All Chrome Browser needs is to navigate to chrome://components, find Adobe Flash Player, and hit the Update Component button. If there’s a PepperFlash update, it will be applied in a few seconds.

          Even Linux Chrome has this Component Update feature. Chromium Browser must be updated as a program update (the whole browser). In a Chromebook, just do a Check for Updates from Settings. Be advised, Chromium and ChromeOS may be a few days or even a week or two delayed in updating their Flash Player components.

          -- rc primak

          1 user thanked author for this post.
      • #235106 Reply
        anonymous
        Guest

        The problem for me now having had this installed behind-the-scenes, is that all of a sudden eBay, Amazon and other sites I have to use for my business suddenly stopped working, with error “err_ssl_bad_record_mac_alert” appearing in Chrome, and another generic error in Edge, but no problem in IE except it is not supported by many sites these days.

        Due to a problem uninstalling, I am now stuck with this, not having access to the sites I need to run my business.

        I had managed to successfully do a system restore once to prior to this update and it started working again, but then of course the update was reinstalled automatically today and both the system restore and the uninstall of the update both failed.

        Tried Microsoft support and they had trouble connecting remotely to my machine as this seemed to block them, and it also affected the Microsoft Support web site, so cannot access that site from my laptop where this happened. Now waiting for a Level 2 callback from MS support.

        Critical updates are all very well being rolled out as an emergency, but that is no good if it effectively bricks my machine. I would rather have control over when I try updates instead of them running silently and then seeing problems that takes a while to realise is caused by a silent update.

        • #235109 Reply
          PKCano
          Da Boss

          What version of Win10 are you using.

          KB 4477029 should only affect IE11 and Edge. It should have no effect on Chrome which updates Flash Player separately, not through Windows patches.

          2 users thanked author for this post.
      • #235265 Reply
        anonymous
        Guest

        Running Windows 10 Pro x64 v1803, Group A, Group Policy 2, Semi-Annual, Feature 365 days, Quality Updates 10 day delay.

        The November KB4467702 and MSRT came down today, but no Adobe KB4477029?
        Is this a manual install from the Catalogue only?

        • #235267 Reply
          PKCano
          Da Boss

          I received KB4477029 through WU on my 1803. Try setting the Quality delay = 0. It hasn’t been 10 days since that patch was released. You can set it back after the install if it comes down through WU.

          • #236359 Reply
            anonymous
            Guest

            OP here,

            OK so I just received a 2018-11 Security Update for Adobe Player for Windows 10 Version 1803 for x64 based systems, BUT the KB number is KB4467694.

            Has something changed/been updated?

            • #236362 Reply
              PKCano
              Da Boss

              I don’t know when the last time your PC searched for updates, but KB4467029 has replaced KB4467694 on all the Win10 machines I have dealt with lately. Have you used wushowhide to see if it is available in WU?

      • #238957 Reply
        anonymous
        Guest

        2018-12 Adobe Update KB4471331 released 12/4/2018 for Windows 10.

        OK to install?

        • #238959 Reply
          PKCano
          Da Boss

          Yes on the Flash Player update for IE11. But hold off on the rest of the Nov. patches until Woody gives the go-ahead  with the DEFCON number

          1 user thanked author for this post.
          • #238969 Reply
            anonymous
            Guest

            PK, techically this is a December patch.  Will November Defcon address this as it is now in my November que for Windows 10 1803?

            PS: Not sure why the “Reply” button doesnt work for me anymore? I highlight Reply, it opens the comment area, but won’t allow the cursor or any typing input.

            • #238972 Reply
              PKCano
              Da Boss

              I have no idea what Woody will put in the DEFCON instructions. But the Flash patch for IE is an out-of-band fix for an exploit that I believe is in the wild. So install it if you like.

              But, I repeat,  hold off on the Nov. patches until Woody raises the DEFCON number and publishes the instructions for safe patching

              1 user thanked author for this post.
      • #238998 Reply
        Purg2
        AskWoody Lounger

        A few days ago in preparation for Nov.updates I checked for updates.  I did not install, only looking to see what would be offered.  4477029 was listed at the time.

        Today it seems to have been replaced by 4471331.

        I’m inclined to go with the latter unless advised to do them both.  Thoughts anyone?

        Win 8.1 Group B, Linux Dabbler

      • #239014 Reply
        anonymous
        Guest

        ? says:

        thank you, Kirsty! i got your notice in your bug listings the other day and updated for the second time in less than a month. my event viewer reported  that “a service was installed,” which was the flash updater in the package down in system32/macromedia that i delete anyway since i manually uninstall and upgrade flash. be glad when that chore is unnecessary.

    Viewing 18 reply threads

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Out of band update for Adobe Flash Player Nov. 19, 2018

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.