• Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
Locked
0

Not updating to 11.3 a security risk?

New Here ,
Jun 15, 2012 Jun 15, 2012

Copy link to clipboard

Copied

http://forums.adobe.com/thread/1021119?tstart=0 b/c 11.3 is a quarterly update and is not being installed through the silent update mechanism in 11.2.  Are any of the exploits found in 11.2.205.235 and fixed in 11.3 being actively exploited in the wild?  This is important b/c I wanted 11.2 to update eventually update itself whenever that will be, but if there is security risk, I will manually install 11.3.  

Views

2.9K

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Adobe Employee ,
Jun 15, 2012 Jun 15, 2012

Copy link to clipboard

Copied

You can find a full description of the security enhancements and fixes in the release notes, here:

http://helpx.adobe.com/flash-player/release-note/enduser-release-notes-11_3.html

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Jun 15, 2012 Jun 15, 2012

Copy link to clipboard

Copied

anything adobe seams to do with flash/trash makes it more vulnerable, flash and java imho are the culprit for 99% of the viruses at my shop.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
LEGEND ,
Jun 15, 2012 Jun 15, 2012

Copy link to clipboard

Copied

If you have viruses in your shop, then you have a serious security issue, and this is certainly not caused by Flash or Java!

I have Flash and Java on all our computers, and we have never seen any malware on our networks.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Jun 15, 2012 Jun 15, 2012

Copy link to clipboard

Copied

wow really? im talking about customers bringing in there pcs with viruses from flash exploits on porn sites or other facebook exploits.

didnt think id need to give a line-itemized detail to how u get viruses.

look at this link, educate yourself a bit, dont be scared, this is a flash program designed to deploy fake viurses..........

http://www.flickr.com/photos/42750870@N05/4261577823/

http://www.flickr.com/photos/adriarichards/3516673598/

http://www.flickr.com/photos/42750870@N05/4284081791/

its usually deployed through a fake flash update

http://images.theage.com.au/2012/05/10/3284394/art-Flash-420x0.jpg

or as i was saying use flash for the virus

here is proof.

http://news.cnet.com/2100-1023-803829.html

while the cnet article is proof of concept...

next time dont sound so stupid.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Explorer ,
Jun 16, 2012 Jun 16, 2012

Copy link to clipboard

Copied

adobeisavirus wrote:

... while the cnet article is proof of concept...

Based on a 10 years old article?

Are you aware of how many Flash updates have been released on that period of time?

How has Flash Technology been improved its security since then?

Anyway... It seems you didn't read the article further after that sentence... and as if it was written today:

... "The virus is not the first to try to fool those PC users with a weakness for Flash movies"...

... "This is (was) just a new way to get into the PC" ,,, "It does show that the virus writters are always looking for new battlegrounds" ...

Cheers

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Jun 16, 2012 Jun 16, 2012

Copy link to clipboard

Copied

lol you act as if everything else i said isnt valid. flash is still used as an enterance for viruses. like "popups" that are really javascript

skriptkiddys are skriptkiddys weather its java, flash, C++ or machine code FFS.

but if apple isnt using flash because of the incessant updating and glitching and bugs, then my point is still proven, in spades even.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
LEGEND ,
Jun 17, 2012 Jun 17, 2012

Copy link to clipboard

Copied

Keep in mind that JavaScript and Java are two entirely different entities.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Jun 17, 2012 Jun 17, 2012

Copy link to clipboard

Copied

I am asking b/c this this article says that 11.2.205.235 is being actively exploited.  "Users should on no account downgrade to build 11.2, however, as it is known to contain critical security vulnerabilities which are currently being actively exploited."

http://www.h-online.com/open/news/item/Firefox-13-tripped-up-by-Flash-patch-Update-1619399.html

However, Adobe says that the exploits in 11.2.205.235 aren't being actively exploited b/c they are all discovered by researchers.  A lot of times, these tech writers are extremely sloppy with what they report.  I just want a clarrifying statement b/c it would help be decide what to do with flash on a couple of computers, to rush through the 11.3 update or wait for the update mechanism for quarterly updates do its thing in 7 to 30 days. 

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Adobe Employee ,
Jun 18, 2012 Jun 18, 2012

Copy link to clipboard

Copied

LATEST

We maintain a version of Flash Player 10 for Enterprise customers, who are generally more interested in security updates than new Flash Player features.

If you need to roll back, and don't need the functionality provided by Flash Player 11, rolling back to the latest version of Flash Player 10 would be the best option.

http://forums.adobe.com/message/3854689#3854689

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines