Newsletter Archives

  • Bleeping computer reports Flash patch force installed


    Now hopefully by now Askwoody readers did this task manually a few weeks ago, but if you didn’t….. well apparently Microsoft feels that you should do it NOW.  Barb Bowman reports that it also kicks a reboot.

  • Say goodnight, Flash. We hardly knew ye.

    © 2013 Lunar Eclipse

    Ye haven’t an arm, ye haven’t a leg, hurroo, hurroo
    Ye haven’t an arm, ye haven’t a leg, hurroo, hurroo
    Ye haven’t an arm, ye haven’t a leg,
    Ye’re an armless, boneless, chickenless egg
    Ye’ll have to put with a bowl out to beg
    Adobe Flash I hardly knew ye

    One of the most reviled products in PC history — deservedly so! — officially hits the skids on December 30.

    Adobe’s been warning us since July, 2015 that Flash’s time is at an end:

    open standards like HTML5, WebGL and WebAssembly have matured over the past several years, most now provide many of the capabilities and functionalities that plugins pioneered and have become a viable alternative for content on the web.

    Now it’s official:

     Adobe will stop distributing and updating Flash Player after December 31, 2020… with three years’ advance notice, we believed that would allow sufficient time for developers, designers, businesses, and other parties to migrate existing Flash content as needed to new, open standards… Adobe will be removing Flash Player download pages from its site and Flash-based content will be blocked from running in Adobe Flash Player after the EOL Date.

    At long last.

  • How to stop two Windows Defender annoyances


    By Fred Langa

    Win10’s built-in Windows Defender has matured into a top-ranked anti-malware tool. But several of its default behaviors can be downright irritating.

    Here’s how to tweak Windows Defender with a few buried settings and a Task Scheduler change.

    Plus: Does Adobe Flash Player really need as many updates as it claims?

    Read the full story in AskWoody Plus Newsletter 16.34.0 (2019-09-23).

  • Out of band update for Adobe Flash Player Nov. 19, 2018

    Adobe Security Bulletin APSB18-44, dated November 20, 2018 is rated Priority 1.
    Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address a critical vulnerability in Adobe Flash Player and earlier versions.  Successful exploitation could lead to arbitrary code execution in the context of the current user.

    Microsoft has issued an out-of-band patch for Flash Player on Nov. 20th. KB 4477029, 2018-11 Security Update for Adobe Flash Player Windows 8.1 and Windows 10 based systems, is available through Windows Update and the MS Catalog.

    For those using Windows 7, Vista, and XP,  MacOS X, or Linux, Flash Player version can be downloaded from

    Thx  @Lars220

  • Is disabling Flash not enough?

    UPDATE: Starting in October, Google Chrome will not show Flash objects unless you specifically click to show your acceptance. If a site offers both HTML5 and Flash, the HTML5 will always run, not the Flash, by default. More details on the F-Secure site.

    Good question from WH:

    In your 20:19, May 10, 2016, post on, you have the following:

    “The Adobe zero-day is with Flash. Lesson: Don’t use Flash. (Does that sound familiar, too?)”

    My default browser is Firefox. I use NoScript also. I think it is NoScript that prevents Adobe Flash Player from being run automatically. Any time a web site wants to use Flash, I have to explicitly click to activate it.

    It seems that MANY web sites require activation of Flash to view at least some of their content.

    When you recommend third-party updates (e.g., Randy the Professor) to programs such as Flash, I update it. Is that not enough?

    If you say we shouldn’t use Flash, but we want to view the content web sites offer, what is the alternative to Flash?

    Sadly, there is no alternative to Flash. Sadly, some web sites still require it, after years and years of complaints. If you hit a site that requires Flash, find a different site! The people who control the site obviously don’t give a harry rat’s patoutie about you. Write to them and complain!

    If you have to use Flash on some sites, I suggest you pick just one browser and arm it with something like NoScript, which will block Flash unless you specifically allow it. I use Edge (don’t shoot me!), because it’s easy to switch Flash on and off. I never, ever venture out into the real world with an armed version of Flash exposed to the web. Life’s too short.

    Internet Explorer, Flash and Adobe Reader have been the leading source of Windows infections for many years.

  • March 2016 Adobe Flash Player security updates

    This just in from ER:

    New Adobe Flash Player security updates just released March 10 on Adobe security bulletin APSB16-08:

    and on Microsoft security bulletin MS16-036 for Windows 8.1 & 10:

    These new updates install Flash Player 21.

  • New Flash Player, Microsoft Security Essentials

    This just in from EP…

    Adobe has released a new set of security updates this September for Flash Player mentioned in Adobe security bulletin APSB14-21 . These security updates will update Flash Player to either v15.0.0.152 or v13.0.0.244.

    Also being released is a new version of the Microsoft Security Essentials program which is v4.6.0305.0 posted Sept. 9 on the Microsoft Download Center:. This one requires either Windows Vista SP2 or Windows 7. Don’t bother downloading & installing this new MSE version if using XP or Windows 8.x.


  • Conficker lurking in updates?

    JB writes:

    Dear Woody,

    Is it good to take Adobe Flash player updates? And is AVG 8.5 Free better than AVG 8.0 Free? How do we know these updates aren’t polluted with conficker?

    Yep, it’s always best to install Flash Player updates, Adobe Reader updates, Java updates, and the like, when they’re offered. Why? If they’re screwed up they generally won’t bring your computer to a grinding halt, and the manufacturer typically gets new updates out quickly. I won’t mention QuickTime by name.

    If you use AVG 8.0, you should upgrade to AVG 8.5.

    I can’t imagine any way Conficker could get into any of those updates.