Full Disclosure mailing list archives
Adobe Flash bundling vulnerabilities
From: "CaseArmour.net Security Administrator" <security () casearmour net>
Date: Wed, 02 Apr 2008 17:22:52 -0400
I'm noticing a disturbing trend of vulnerable versions of Flash (among other runtimes) being distributed with lots of different software, and the list now includes vendors such as Microsoft and -- Adobe. Adobe AIR up through the last Windows beta bundled a known-vulnerable version of Flash. I seem to have deleted my copy of the Beta 2 installer, so I can't confirm what version, but I believe it was a 9.x-series. The Windows AIR installer, AdobeAIRInstaller.exe (1.0.7.4880, md5sum 7F5646586EB25CEB2F5457B0BD144F59), presently available from the Adobe site, has been updated to include Flash 9.0 r115, or at least that's the version reported by the included Netscape plugin. In the future, I'm going to be very careful about installing Adobe products, on the occasions that I'm forced to. Microsoft, unfortunately, still bundles Flash 6.0.79.0 with, as far as I can tell, Windows XP, and every Windows XP service pack ever produced, up through the SP3 RC2 builds. Installing or slipstreaming a service pack on Windows XP installs the vulnerable Flash version, and installing a new Flash build from Adobe *does not* uninstall the vulnerable version. I didn't realize this until I was testing Secunia PSI on a newly-installed system. I'm not experienced enough with IE or Explorer internals to tell whether it's possible to convince a browser (or OutLook? or something else?) instance to render a malicious applet with the older version, but I wouldn't be surprised if it's possible. Even if it's not, I'm paranoid about the possibility of a remote, non-privileged login or other access being able to leverage the vulnerable Flash OCX. The install happens whether or not the XP system in question already includes a newer Flash build. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Adobe Flash bundling vulnerabilities CaseArmour.net Security Administrator (Apr 02)