Critical vulnerability in Adobe Flash

Questions about other topics - please check if your question fits better in another category before posting here
Forum rules
Before you post please read how to get help
Post Reply
User avatar
administrollaattori
Level 15
Level 15
Posts: 5648
Joined: Tue Sep 03, 2013 4:51 am
Location: Finland
Contact:

Critical vulnerability in Adobe Flash

Post by administrollaattori » Fri Dec 07, 2018 2:39 pm

http://blogs.adobe.com/psirt/?p=1665
Adobe has released security updates for Adobe Flash Player (APSB18-42) for Windows, macOS, Linux and Chrome OS. These updates address one critical vulnerability in Adobe Flash Player and one important vulnerability in Adobe Flash Player installer. Successful exploitation could lead to Arbitrary Code Execution and privilege escalation respectively. Adobe recommends users update their product installations to the latest versions using the instructions referenced in the security bulletin.
https://helpx.adobe.com/security/produc ... 18-42.html

To check Flash version via Terminal

Code: Select all

strings /usr/lib/adobe-flashplugin/libflashplayer.so|grep LNX|awk '{print $2}'
In webkit-based browsers like Opera, Chrome and Chromium

Code: Select all

strings /usr/lib/adobe-flashplugin/libpepflashplayer.so|grep LNX|awk '{print $2}'
There should not be a problem if updates are installed normally. :wink:

gm10
Level 13
Level 13
Posts: 4597
Joined: Thu Jun 21, 2018 5:11 pm

Re: Critical vulnerability in Adobe Flash

Post by gm10 » Fri Dec 07, 2018 3:17 pm

Slow day? There are critical vulnerabilities in Flash every day, hardly newsworthy. The only good solution is to uninstall it. :P

User avatar
administrollaattori
Level 15
Level 15
Posts: 5648
Joined: Tue Sep 03, 2013 4:51 am
Location: Finland
Contact:

Re: Critical vulnerability in Adobe Flash

Post by administrollaattori » Fri Dec 07, 2018 3:27 pm

gm10 wrote:
Fri Dec 07, 2018 3:17 pm
Slow day? There are critical vulnerabilities in Flash every day, hardly newsworthy. The only good solution is to uninstall it. :P
Yes, but someone has made them visible. :lol:

Attack is on, and it uses Flash-object in MS Office´s document.
https://translate.google.fi/translate?h ... 3-10544820

gm10
Level 13
Level 13
Posts: 4597
Joined: Thu Jun 21, 2018 5:11 pm

Re: Critical vulnerability in Adobe Flash

Post by gm10 » Fri Dec 07, 2018 3:32 pm

Poor Adobe, they want to discontinue Flash so badly but instead they on full time bug fix duty until 2020 when they finally can. That's gotta hurt the bottom line. :mrgreen:

User avatar
AZgl1500
Level 9
Level 9
Posts: 2871
Joined: Thu Dec 31, 2015 3:20 am
Location: Oklahoma where the wind comes sweeping down the plains
Contact:

Re: Critical vulnerability in Adobe Flash

Post by AZgl1500 » Fri Dec 07, 2018 6:42 pm

if you don't have Flash capability, nearly 50% of the web videos are not viewable.

DAMIEN1307
Level 6
Level 6
Posts: 1221
Joined: Tue Feb 21, 2017 8:13 pm
Location: Alamogordo, New Mexico, USA

Re: Critical vulnerability in Adobe Flash

Post by DAMIEN1307 » Fri Dec 07, 2018 6:50 pm

hi AZg...you said,
if you don't have Flash capability, nearly 50% of the web videos are not viewable.
i uninstalled flash, adobe flash, pepperflash etc almost 3 years ago and to date, have not been asked or told that flash is required to be able to view any video on the web...and i have a ton of bookmarks of news services, video services, assorted web sites etc...everyone of them are html5...do you have a few examples of the 50% of sites you mention here so i can try them for myself?...i dont think im missing anything but you never know...lol...DAMIEN
ORDO AB CHAO

gm10
Level 13
Level 13
Posts: 4597
Joined: Thu Jun 21, 2018 5:11 pm

Re: Critical vulnerability in Adobe Flash

Post by gm10 » Fri Dec 07, 2018 7:12 pm

DAMIEN1307 wrote:
Fri Dec 07, 2018 6:50 pm
hi AZg...you said,
if you don't have Flash capability, nearly 50% of the web videos are not viewable.
i uninstalled flash, adobe flash, pepperflash etc almost 3 years ago and to date, have not been asked or told that flash is required to be able to view any video on the web...and i have a ton of bookmarks of news services, video services, assorted web sites etc...everyone of them are html5...do you have a few examples of the 50% of sites you mention here so i can try them for myself?...i dont think im missing anything but you never know...lol...DAMIEN
Pretty much this. I haven't had to use flash in a long long time. Nothing I use needs it. None of the popular video sites needs it. The only site still using flash that I've seen in recent times is some remote fishing webcam another user on this forum had trouble with the other day.

Flash has been deprecated for a long time now, Adobe will discontinue it in a year's time, and if you know of websites still behind the time best tell them to get a clue if they want you to visit them.

carum carvi
Level 4
Level 4
Posts: 374
Joined: Sun Apr 16, 2017 11:44 pm

Re: Critical vulnerability in Adobe Flash

Post by carum carvi » Sat Dec 08, 2018 4:02 am

Never knew this. How do I disable / uninstall Adobe? Is it installed automatically in Firefox?

I checked online and statistics show that only 4% of current websites use adobeflash, yet weirdly enouhg google.com etc are mentioned as sites that still use it. Google Chrome in 2018 allows use of adobeflash as well.

Statistics on adobeflash and a list that show that google.com still uses it:
https://w3techs.com/technologies/detail ... sh/all/all

Google chrome and their policy about adobe flash:
https://support.google.com/chrome/answe ... ktop&hl=en

User avatar
administrollaattori
Level 15
Level 15
Posts: 5648
Joined: Tue Sep 03, 2013 4:51 am
Location: Finland
Contact:

Re: Critical vulnerability in Adobe Flash

Post by administrollaattori » Sat Dec 08, 2018 4:06 am

carum carvi wrote:
Sat Dec 08, 2018 4:02 am
Never knew this. How do I disable / uninstall Adobe? Is it installed automatically in Firefox?

Code: Select all

dpkg --get-selections | grep flash
apt remove adobe-flashplugin	

User avatar
trytip
Level 8
Level 8
Posts: 2488
Joined: Tue Jul 05, 2016 1:20 pm

Re: Critical vulnerability in Adobe Flash

Post by trytip » Sat Dec 08, 2018 12:43 pm

my file doesn't work
mint01 ~ $ strings /usr/lib/adobe-flashplugin/libflashplayer.so|grep LNX|awk '{print $2}'
strings: '/usr/lib/adobe-flashplugin/libflashplayer.so': No such file
mint01
~ $
Image

DAMIEN1307
Level 6
Level 6
Posts: 1221
Joined: Tue Feb 21, 2017 8:13 pm
Location: Alamogordo, New Mexico, USA

Re: Critical vulnerability in Adobe Flash

Post by DAMIEN1307 » Sat Dec 08, 2018 1:27 pm

Purge Flash

Code: Select all

sudo apt purge flashplugin-installer
ORDO AB CHAO

gm10
Level 13
Level 13
Posts: 4597
Joined: Thu Jun 21, 2018 5:11 pm

Re: Critical vulnerability in Adobe Flash

Post by gm10 » Sat Dec 08, 2018 1:31 pm

DAMIEN1307 wrote:
Sat Dec 08, 2018 1:27 pm
Purge Flash

Code: Select all

sudo apt purge flashplugin-installer
That's not the default flash package installed on Mint, nor the official adobe one. Also I have a feeling it will only remove that installer, not the plugin.

The official package for mint users as installed by mint-meta-codecs is adobe-flashplugin, as mentioned above.

DAMIEN1307
Level 6
Level 6
Posts: 1221
Joined: Tue Feb 21, 2017 8:13 pm
Location: Alamogordo, New Mexico, USA

Re: Critical vulnerability in Adobe Flash

Post by DAMIEN1307 » Sat Dec 08, 2018 1:37 pm

i had to do this to stop my system from trying to install flash updates even after already uninstalling flash from my system...thats why i posted it...the system kept trying to install flash updates until i did this. it is also found in synaptic for removal.
Last edited by DAMIEN1307 on Sat Dec 08, 2018 1:39 pm, edited 1 time in total.
ORDO AB CHAO

gm10
Level 13
Level 13
Posts: 4597
Joined: Thu Jun 21, 2018 5:11 pm

Re: Critical vulnerability in Adobe Flash

Post by gm10 » Sat Dec 08, 2018 1:38 pm

DAMIEN1307 wrote:
Sat Dec 08, 2018 1:37 pm
it stopped my system from trying to install flash updates even after already uninstalling flash from my system...thats why i posted it...the system kept trying to install flash updates until i did this. it is also found in synaptic for removal.
Sure. I just meant to point out that by default users won't have that package, but if they did install it then they'll have to remove it (instead of or in addition to the other one).

User avatar
trytip
Level 8
Level 8
Posts: 2488
Joined: Tue Jul 05, 2016 1:20 pm

Re: Critical vulnerability in Adobe Flash

Post by trytip » Sat Dec 08, 2018 2:09 pm

HA HA AH HAAA

Image

i remember in 2016 everyone was so scared that adobe will not support flash anymore for linux now everyone is scared that cyber-terrorist will invade their computers and change the toaster level from light to dark burned to a crisp :mrgreen: . haven't upgraded it since then and will never upgrade it again. same with firefox. i'm a chrome user now, i only keep firefox on my system for the nostalgia of how things used to be.
Image

User avatar
administrollaattori
Level 15
Level 15
Posts: 5648
Joined: Tue Sep 03, 2013 4:51 am
Location: Finland
Contact:

Re: Critical vulnerability in Adobe Flash

Post by administrollaattori » Sun Dec 09, 2018 4:26 am

trytip wrote:
Sat Dec 08, 2018 2:09 pm
i remember in 2016 everyone was so scared that adobe will not support flash anymore for linux now everyone is scared that cyber-terrorist will invade their computers and change the toaster level from light to dark burned to a crisp :mrgreen: . haven't upgraded it since then and will never upgrade it again. same with firefox. i'm a chrome user now, i only keep firefox on my system for the nostalgia of how things used to be.
Most of time (about 99,9%) seat belt is needless, but sometimes is not. :wink:
https://en.wikipedia.org/wiki/Seat_belt
https://www.youtube.com/watch?v=9tPzALVSSvs

Post Reply

Return to “Other topics”