Gizmos Freeware Reviews  

Go Back   Gizmo's Freeware Forum > Debating Chamber > Internet, Web Apps and Networking

Reply
 
Thread Tools Display Modes
Old 14. Jul 2015, 04:59 AM   #11 (permalink)
Senior Member
 
eyeb's Avatar
 
Join Date: Sep 2010
Location: Planet X
Posts: 886
Default

just wished they would tell us what the problem is... so we can avoid it :S

instead they just bug us about not using it but let us override it... which I do because I don't know what the problem is so in my eyes, it's them bugging me for no reason
eyeb is offline   Reply With Quote
Old 14. Jul 2015, 05:13 AM   #12 (permalink)
Senior Member
 
satrow's Avatar
 
Join Date: Mar 2012
Posts: 126
Default

https://helpx.adobe.com/security/pro...apsa15-04.html
satrow is offline   Reply With Quote
Old 14. Jul 2015, 08:07 AM   #13 (permalink)
Super Moderator
 
Anupam's Avatar
 
Join Date: Jul 2008
Location: India
Posts: 15,315
Default

eyeb, atleast they are telling you that this version of flash player is vulnerable. To find out why, you can always use search

Anyways, even the latest version seems to have a vulnerability. Hope they release a new version soon.
__________________
Anupam
Anupam is offline   Reply With Quote
Old 14. Jul 2015, 10:47 AM   #14 (permalink)
Super Moderator
 
Anupam's Avatar
 
Join Date: Jul 2008
Location: India
Posts: 15,315
Default

And they have released it. Adobe Flash Player updated to 18.0.0.209.
__________________
Anupam
Anupam is offline   Reply With Quote
Old 14. Jul 2015, 12:40 PM   #15 (permalink)
Senior Member
 
eyeb's Avatar
 
Join Date: Sep 2010
Location: Planet X
Posts: 886
Default

Quote:
Originally Posted by Anupam View Post
eyeb, atleast they are telling you that this version of flash player is vulnerable. To find out why, you can always use search .
them saying

Critical vulnerabilities (CVE-2015-5122, CVE-2015-5123) have been identified in Adobe Flash Player 18.0.0.204 and earlier versions for Windows, Macintosh and Linux. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system.

doesn't mean much to me :S it's kind of like saying don't use your front door because someone can break in through it... I'll still use the front door >.>. They are too generic about it.

But I'll update flash since you said they have a new one now
eyeb is offline   Reply With Quote
Old 14. Jul 2015, 02:59 PM   #16 (permalink)
Senior Member
 
Join Date: Oct 2012
Posts: 1,028
Default

CVE-2015-5122 and CVE-2015-5123 are two vulnerabilities which were exploited by Hacking Team. Researchers only discovered this after Hacking Team themselves were hacked a few days ago. More information can be found in this ZDNet article.

Strangely enough, even after updating Flash to 18.0.0.209 I'm still getting the warning from Mozilla. Are there other known critical vulnerabilities which haven't been patched? Or is it that Mozilla considers Adobe Flash to be a liability regardless of how much it is patched? In view of this, I do agree with eyeb - Mozilla needs to be more forthcoming in explaining their position concerning Flash.
Joe A.TT is offline   Reply With Quote
Old 14. Jul 2015, 03:40 PM   #17 (permalink)
Senior Member
 
Join Date: Oct 2012
Posts: 1,028
Default

[Edit]
I checked, yet again, and Mozilla is no longer showing me a warning. Wonder why it took so long for them to detect that my Flash is up to date? I also found an explanation from Mozilla saying why they blocked 18.0.0.203.
Joe A.TT is offline   Reply With Quote
Old 14. Jul 2015, 10:51 PM   #18 (permalink)
Senior Member
 
eyeb's Avatar
 
Join Date: Sep 2010
Location: Planet X
Posts: 886
Default

I guess I'm just not as flash savwy as they are...

when they say something like CVE-####... it means the same as them singing songs... I would rather them say CVE-#### is affected by flash that is used in chat rooms, or games, or whatever. Then I can decide that I don't want to use flash chatrooms and then no problem.

But instead, they list random strings of number and don't tell me what aspect of flash is affected, meaning I can't use it? Of course I'm going to ignore that warning about blocking flash when I don't even know why they are blocking it. To me, they are just trying to scare me out of using flash if they can't even narrow down what aspect of it that I should be take caution when using.
Quote:
Why was it blocked?
Old versions of the Flash Player plugin have known vulnerabilities. All users are strongly recommended to check for updates on our plugin check page.
That's not a reason Mozilla >.> that's a blanket statement politicians use to lie to the public
Quote:
Critical vulnerabilities (CVE-2015-5122, CVE-2015-5123) have been identified in Adobe Flash Player 18.0.0.204 and earlier versions for Windows, Macintosh and Linux. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system.
so... some big company got hacked by it and they got embarassed? so what? It doesn't make me, 1 person any less unsafe... I doubt any hacker is going to spend that kind of resources targetting me... first they even have to know "who" I am, out of how many people on the internet?

the best aspect of this is that if I leave the old version of flash installed... I get firefox blocking flash for me and I don't even need flashblock addon/another setting turned on for it. Doesn't this actually make me "safer"?

Last edited by eyeb; 14. Jul 2015 at 10:58 PM.
eyeb is offline   Reply With Quote
Old 15. Jul 2015, 12:28 AM   #19 (permalink)
Senior Member
 
bo.elam's Avatar
 
Join Date: Nov 2009
Posts: 1,714
Default

eyeb, changing to false the preference below in about:config, gets rid of the warning from Firefox and Firefox doesn't block anything when a plugin is not up to date. Doing that is not a good thing for everyone but that's how I have it set up.

Extensions.blocklist.enabled

Bo
bo.elam is offline   Reply With Quote
Old 15. Jul 2015, 12:43 AM   #20 (permalink)
Senior Member
 
eyeb's Avatar
 
Join Date: Sep 2010
Location: Planet X
Posts: 886
Default

thanks, didnt know about that setting
eyeb is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off



All times are GMT +1. The time now is 05:55 PM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2020, vBulletin Solutions, Inc.