Microsoft Security Advisory (979267) on Flash Player 9

Someone please answer this.
We are currently using Adobe Flash player 9 on Windows XP operating system. We would like to know if Vulnerabilities in Adobe Flash Player 6 Provided in Windows XP, could Allow Remote Code Execution mentioned in Microsoft Security Advisory (979267), is resolved in Flash Player 9? For more details on vulnerability please refer "Microsoft Security Advisory (979267)".
Since we have security related issue with this please consider this call at high priority.
~
Satu28

Updated:
Flash player 10.2.159.1
Uninstall the old: http://download.macromedia.com/pub/flashplayer/current/uninstall_flash_player.exe
Install the new for IE: http://fpdownload.adobe.com/get/flashplayer/current/install_flash_player_ax.exe
Plugin for other browsers: http://fpdownload.adobe.com/get/flashplayer/current/install_flash_player.exe
ThinkPad: T530 / X1 Gen 2 / Helix - Yoga: Tablet 2 Pro (Win) / Yoga 3 Pro
If you find a post helpful and it answers your question, please click the "Accept As Solution" button.
Lenovo Advocate ~ I am not employed by Lenovo or Microsoft. I am a volunteer.
Microsoft MVP - Consumer Security
SpywareHammer

Similar Messages

  • Microsoft security Advisory 2028859

    A serious security flaw has been found in Windows 7 systems running Aero. Until Microsoft releases a security patch, users can disable the Aero theme to prevent the issue from being exploited.
    To disable Windows Aero by changing the theme, perform the following steps for each user on a system:
    Click Start, select the Control Panel, and then click on Appearance and Personalization.
    Under the Personalization category, click on Change the Theme.
    Scroll to the bottom of the listed themes and select one of the available Basic and High Contrast Themes.
    For further information go through the below given link 
    http://www.microsoft.com/technet/security/advisory/2028859.mspx
    The above mentioned vulnerability only affects Windows 7 and Windows server 2008 R2 users.
    Cheers and regards,
    • » νιנαソѕαяα∂нι ѕαмανє∂αм ™ « •
    ●๋•کáŕádhí'ک díáŕý ツ
    I am a volunteer here. I don't work for Lenovo

  • Microsoft Security Advisory (2269637)

    Microsoft Security Advisory (2269637)
    Insecure Library Loading Could Allow Remote Code  Execution
    This  vulnerability came out in August and is there a signature that will cover this in the ips and if not is there an idea if one is being reviewed?

    Here is more information on Microsoft security advisory 2269637, mitigating it from Cisco devices:
    Vulnerability alert: http://tools.cisco.com/security/center/viewAlert.x?alertId=21268
    Mitigation bulletin: http://tools.cisco.com/security/center/viewAlert.x?alertId=22317
    All security related advisories for cisco can be found from the Cisco SIO (Security Intelligence Operations):
    http://tools.cisco.com/security/center/home.x
    Hope that helps.

  • Microsoft Security Advisory 3046015

    One of the workarounds for Microsoft Security Advisory 3046015 is to disable the RSA key exchange ciphers in Windows Vista and later systems by modifying the SSL Cipher Suite
    order in the Group Policy Object Editor but the cipher list in the Advisory is 1185 characters long but the max size for that GPO setting (SSL Cipher Suite order) is 1023 characters.

    Hi,
    Thank you for your update and feedback. It will be very beneficial for other community members who have similar questions.
    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]
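
The length problem raised in the question above (a cipher list longer than the 1023-character limit of the SSL Cipher Suite Order setting) can be checked before a value is pasted into the policy. This is an added example, not part of the forum posts or the advisory: the suite list is constructed sample data, not the advisory's list, and the function names are hypothetical.

```python
# Added example. SAMPLE_SUITES is constructed sample data, not the advisory's list.
GPO_LIMIT = 1023  # maximum length of the "SSL Cipher Suite Order" value, per the post

SAMPLE_SUITES = [
    "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384",
    "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256",
    "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P384",
    "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
    "TLS_RSA_WITH_AES_256_CBC_SHA256",
    "TLS_RSA_WITH_AES_128_CBC_SHA",
    "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
    "SSL_CK_DES_192_EDE3_CBC_WITH_MD5",
]


def uses_rsa_key_exchange(suite):
    """Return True when the suite's key exchange is plain RSA.

    TLS_RSA_* / SSL_RSA_* name RSA as the key exchange, and SSL 2.0 suites
    (SSL_CK_*) only support RSA key exchange. TLS_ECDHE_RSA_* and
    TLS_DHE_RSA_* use RSA for authentication only and are kept.
    """
    name = suite.strip().upper()
    return name.startswith(("TLS_RSA_", "SSL_RSA_", "SSL_CK_"))


def build_policy_value(suites, limit=GPO_LIMIT):
    """Return (value, dropped_rsa, overflow) for a priority-ordered suite list.

    value       comma-separated string that fits within `limit` characters
    dropped_rsa suites removed because they use RSA key exchange
    overflow    remaining suites that did not fit, in priority order
    """
    kept, dropped_rsa, seen = [], [], set()
    for suite in suites:
        suite = suite.strip()
        if not suite or suite in seen:
            continue  # skip blanks and duplicates
        seen.add(suite)
        if uses_rsa_key_exchange(suite):
            dropped_rsa.append(suite)
        else:
            kept.append(suite)

    fitted, overflow, length = [], [], 0
    for suite in kept:
        extra = len(suite) + (1 if fitted else 0)  # +1 for the comma
        # Once one suite fails to fit, everything after it is cut as well,
        # so a lower-priority suite never jumps ahead of a higher one.
        if not overflow and length + extra <= limit:
            fitted.append(suite)
            length += extra
        else:
            overflow.append(suite)
    return ",".join(fitted), dropped_rsa, overflow


if __name__ == "__main__":
    value, dropped_rsa, overflow = build_policy_value(SAMPLE_SUITES)
    print(f"{len(value)} of {GPO_LIMIT} characters used")
    print("removed (RSA key exchange):", dropped_rsa)
    print("did not fit:", overflow)
```
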

  • Out-of-Band Microsoft Security Advisory

    Microsoft Security Advisory (2659883)
    Vulnerability in ASP.NET Could Allow Denial of Service https://technet.microsoft.com/en-us/security/advisory/2659883
    Editing to add additional link: https://blogs.technet.com/b/msrc/archive/2011/12/28/advanced-notification-for-out-of-band-release-to...

    Hi -
    Here is a link to the forum post I made regarding the OS security update policy for Cisco Unity - http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Unified%20Communications%20and%20Video&topic=Unified%20Communications%20Applications&topicID=.ee835d2&CommCmd=MB%3Fcmd%3Dpass_through%26location%3Doutline%40%5E1%40%40.2cc231ee/2#selected_message
    Regards, Ginger

  • Microsoft Security Advisory 2963983

    https://technet.microsoft.com/library/security/2963983
    I called MS today, not sure I had the right department, but the gentleman didn't know what I was referencing. Does anyone know of a site to get up-to-date information on this issue and when MS plans on releasing a patch?
    Also, we're advising everyone to disable Adobe Flash in the Internet Explorer add-ons; anything else that we can do to remedy this is greatly valued.
    Thank you,

    Summary:
    For more information on these and other remediation options, please see Security Advisory 2963983. Additional information on this limited, targeted attack can be found on the MSRC blog.
    IE is widely recognized as the most secure browser against socially-engineered malware, the most common form of attack, blocking 99.9% of malware in a recent NSS Labs test.
    We encourage you to consider upgrading to the latest version of IE for improved security features such as Enhanced Protected Mode, better backward compatibility through Enterprise Mode, increased performance, and support for the modern web standards that run today’s websites and services.
    On April 26, 2014, Microsoft released a Security Advisory (2963983) to notify customers of a vulnerability in IE. At this time we are aware of limited, targeted attacks. We encourage customers to follow the suggested mitigations outlined in the security advisory while an update is finalized.
    Guidance on suggested mitigations:
    Our investigation has revealed that Enhanced Protected Mode, on by default for the modern browsing experience in IE10 and IE11, as well as Enhanced Mitigation Experience Toolkit (EMET) 4.1 and EMET 5.0 Technical Preview, could help protect against this potential risk. We encourage customers to follow the suggested mitigations outlined in the security advisory while an update is finalized.
    The Enhanced Mitigation Experience Toolkit 4.1: (EMET) helps mitigate the exploitation of this vulnerability by adding additional protection layers that make the vulnerability harder to exploit. EMET 4.1 is supported by Microsoft, and is automatically configured to help protect Internet Explorer. EMET can also be configured using Group Policy. For more information, see Microsoft Knowledge Base Article 2458544.
    More details:
    Deploy the Enhanced Mitigation Experience Toolkit 4.1
    Pros:  Blocks potential exploits of this vulnerability
    Cons:  May be incompatible with some web apps
    Enable Enhanced Protected Mode
    Pros: Blocks potential exploits of this vulnerability
    Cons:  May be incompatible with some web apps; not available on 32-bit Windows 7
    Businesses who have upgraded to IE11 or IE10 can enable Enhanced Protected Mode (EPM) for additional security protection. On Windows 8 and Windows 8.1, EPM is enabled by default for the modern, immersive browsing experience. Customers using the touch-friendly IE11 browser on Windows tablets, for example, are already using EPM and may not be susceptible to this and similar attacks.
    Enhanced Protected Mode can be enabled and managed through Group Policy.  To manually enable EPM in IE, perform the following steps:
    On the IE Tools menu, click Internet Options.
    In the Internet Options dialog box, click the Advanced tab, and then scroll down to the Security section of the settings list.
    Ensure the checkboxes next to Enable Enhanced Protected Mode and Enable 64-bit processes for Enhanced Protected Mode (for 64-bit systems) are selected.
    Click OK to accept the changes and return to IE.
    Restart your system.
    While Enhanced Protected Mode provides significant additional protection, it may not be compatible with some add-ons and enterprise web apps. Also, while EPM is available for 64-bit Windows 7, it is not an option for 32-bit Windows 7 installations.
    Unregister VGX.DLL
    Pros:  Relatively simple workaround
    Cons:  May not protect against other exploits
    Known attacks currently take advantage of VGX.DLL, which provides support for Vector Markup Language (VML). VML is not natively supported by most web browsers today, so this remediation option may have the least impact on enterprise web app compatibility.
    To unregister VGX.DLL:
    Click Start, click Run, and type "%SystemRoot%\System32\regsvr32.exe" /u /s "%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll"
    After an update has been released and installed, you can re-register VGX.DLL with:  "%SystemRoot%\System32\regsvr32.exe" /s "%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll"
    These commands can be issued as batch files via Microsoft System Center Configuration Manager or other infrastructure management solutions. 
    Rob^_^

  • Issue with IE Security Warning box about Flash Player

    Recently upgraded to Flash Player 11.8 on a Win7 x64 system with IE9. Am now having a IE Security warning box pop up repeatedly saying Flasher Player wants to open Web Content. If I Allow, it is an endless loop with the warning box. If I Don't Allow, it eventually stops popping up after 3-4 times. Need to know if there is an issue with Flash Player or if there may be something else going on in my computer. Any suggestions would be appreciated. Also, I am not a whiz, but manage.

    You can either lower the security settings of Internet Explorer, or - easier - download the executable installer from http://www.adobe.com/products/flashplayer/fp_distribution3.html
    P.S. note that no browser windows must be open when running the installer.

  • Update security settings for adobe flash player

    I have windows 7, 64bit, adobe flash player 11. 
    Can't play You Tube videos...message say need to update flash player.
    Went to adobe site....tried to download latest version 11.8, and message says I need to update security settings to allow.
    I'm a beginner...where and how to update these settings.

    Download the Adobe Flash Player installer directly by right clicking one of the following links.
    Flash Player for ActiveX (Internet Explorer)
    Flash Player Plug-in (All other browsers)
    Save the installer - DO NOT run it yet.
    Reboot your system.
    BEFORE you open anything else, locate and run the installer you downloaded.

  • McAfee Security Scan Plus and Flash Player installer

    Hi.
    I went to update Flash Player earlier today by downloading the web installer from the website, but by mistake didn't uncheck the option to install McAfee Security Scan Plus with Flash. However, after comparing the two files that are downloaded when the option is/isn't unchecked, I noticed that the MD5/CRC hashes for both files are exactly the same. I opened the file, and noticed that the installer was downloading both Security Scan Plus and Flash. I canceled the installation which was fine, but I have several questions.
    How does the installer know if the user wants to install Security Scan if both files are the same?
    Is Security Scan installed as soon as the download is complete (as shown in the installer), or only after Flash finishes downloading as well?
    Thanks.

    Bundling other software in the installer is a sign of a DYING company. Now I have to do more work and uninstall this stuff. Yeah, you got me. "Angry" is not strong enough. -Foffu.

  • Microsoft Security Advisory (2757760): Vulnerability in Internet Explorer

    Vulnerability in Internet Explorer Could Allow Remote Code Execution
    Microsoft is investigating public reports of a vulnerability in Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, and Internet Explorer 9. Internet Explorer 10 is not affected. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability.
    A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has been deleted or has not been properly allocated. The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.
    On completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include providing a solution through our monthly security update release process, or an out-of-cycle security update, depending on customer needs.
    Article including some suggested actions is continued here: http://technet.microsoft.com/en-us/security/advisory/2757760
    Related: http://nakedsecurity.sophos.com/2012/09/17/new-ie-zero-day-exploit-poison-ivy/

    The suggested setting in EMET for IE is to be protected against ALL the available exploits --- that is to say, including Mandatory ASLR as well as BottomUpASLR.   Unless you experience an issue with it [and the EMET Notifier should advise you of any problems it encounters], there's no reason to "generically" turn-off MandatoryASLR.
    Having said that, here are the common exceptions people need to be aware of:
    1) Windows Media Player users should UNcheck Mandatory ASLR for their Windows Media Player.
    2) Skype users should UNcheck EAF for their Skype.
    3) Some versions of Trusteer Rapport are having trouble with Microsoft EMET - web browsers do not open at all or open a blank, unusable window. In such case, Windows XP users should UNcheck EAF protection for each of their web browsers; and Windows Vista and 7 users should UNcheck Mandatory ASLR protection for each of their web browsers.
    4) Configuring the system setting for DEP changes a boot option for Windows. For systems using BitLocker, this will cause BitLocker to detect that “system boot information has changed” and you will be forced to enter your recovery key the next time you boot Windows. It is highly recommended that you have your recovery key ready before changing the system configuration setting for DEP on a system with BitLocker enabled.
    Windows 7 Pro SP1 (64-bit), avast! V7 Free, MBAM Pro, Windows Firewall, EMET, OpenDNS Family Shield, IE9 & Firefox (both using WOT & KeyScrambler), MVPS HOSTS file, SpywareBlaster, WinPatrol PLUS, SAS (on-demand scanner), Secunia PSI.
    [I am experimenting with Sandboxie, and believe computer-users who sandbox are acting prudently.]

  • Microsoft Security Advisory 3046015 AND Technet-connectivity.

    Goodday,
    I've changed the "SSL Cipher Suite Order" according to the 3046015-workaround (gpedit/Computer config./Adm. templates/Network/SSL Configuration/SSL Cipher Suite Order).
    I've also enabled this setting and rebooted.
    Since then I get no connection to the Technet-site. Error: "This page canrsquo;t be displayed" (this is NOT a type-error!).
    Who knows what's up?
    Evert Rademaker.

    As is detailed in
    MS15-031, this vulnerability is now resolved by
    Windows Update KB3046049. Please let us know if you continue to experience issues after installation of this security update.
    Brandon
    Windows Outreach Team- IT Pro
    Windows for IT Pros on TechNet

  • FYI: Getting installers for Flash Player 9.0.151.0 security update

    There are different avenues for getting the Flash Player
    9.0.151.0 installers mentioned in the recent security bulletin
    APSB08-20 Flash Player update available to address security
    vulnerabilities.
    Most users may have already updated to Flash Player 10, and
    any trip to the Flash Player product download center
    (/go/getflashplayer) will only provide Flash Player 10. That site
    always delivers the most recent version.
    If you have installed Flash Player 10 and do not have any reason
    to test or use Flash Player 9 then no action is required.
    But, if you require Flash Player 9.0.151.0, how do you get
    it?
    Regular desktop users should follow the advice of the
    security bulletin and obtain the EXE and zipped DMG installers for
    9.0.115.0 from “Flash Player 9 for Unsupported Operating
    Systems” (
    http://www.adobe.com/go/kb406791).
    The title might be misleading, but the bits have all been updated.
    These same installers are also available in "Archived Flash
    Players available for testing purposes"
    http://www.adobe.com/go/tn_14266
    Anyone needing a version OTHER than EXE or Mac DMG
    (enterprises who distribute Flash Player, folks who need MSI or MSP
    installers, etc) will have to get the installers from the free
    Adobe players licensing program. Any user completing the program
    (which has recently been rebuilt from scratch) will obtain access
    to the bits once approved. The approval process is very quick.
    http://www.adobe.com/licensing/
    The licensing site contains bits for both Flash Player 9 and
    Flash Player 10. All have been updated to the most recent versions.
    Some customers may be using the old licensing site links, and
    they won’t see Flash Player 9 bits. We suggest that all
    customers request either a new license or a resend of their
    existing license to get the correct URL’s.
    Again, if you have installed Flash Player 10 and do not have any
    reason to test or use Flash Player 9 then no action is
    required.

    We are currently using Adobe Flash player 9 on Windows XP operating system. We would like to know if Vulnerabilities in Adobe Flash Player 6 Provided in Windows XP, could Allow Remote Code Execution mentioned in Microsoft Security Advisory (979267), is resolved in Flash Player 9? For more details on vulnerability please refer "Microsoft Security Advisory (979267)". I have been wondering for the answers from a week and I have even logged the same in forum which fetch me no result. Could you let me know regarding this.
    Since we have security related issue with this please consider this call at high priority.
    ~
    Satu28

  • [ANNOUNCE] Flash Player 9.0.115.0 getURL("javascript:..") failure LIVE cross-domain

    2/21/08 Update:
    There is a technote covering these two issues.
    "getURL and navigateToURL issues with Flash Player 9.0.115.0
    ActiveX control"
    http://www.adobe.com/go/kb403072
    As of today we have two open bugs specific to Flash Player
    9.0.115.0 ActiveX control and the use of getURL("javascript:...")
    syntax..
    I will be writing a technote describing the workarounds today
    or tomorrow, but I wanted to share some of my testing with the
    community so you can see what the story is.
    Issue one:
    getURL("javascript:blah()") failing when the content is local
    to a drive or cd or dvd. This is a legit bug, not a problem with
    FlashPlayer trust.
    This post does not describe issue one, but you -can- use the
    source FLA's to test issue one.
    Issue two:
    getURL("javascript") failing with live content if the HTML
    and SWF are in separate domains. IE6 and IE7 only.
    ExternalInterface has been successful as a workaround for
    that as well (in my tests at least...)
    At this point I cannot provide an ETA on any fixes, though I
    am pushing hard for these to be addressed in the next planned
    update (no, I cannot tell you when that is, sorry).
    OK now for my testing.
    Each test uses the same SWF setup, but the javascript and
    html change as necessary. The results of –my- testing are
    below each link.
    All my tests are with Flash Player 9.0.115.0. As most on the
    thread surely know these bugs were injected in the 9.0.115.0
    development process and do not appear in 9.0.47.0....
    There are four tests in each version (top to bottom)
    -- button 1: getURL
    -- button 2: externalInterface passing a string via a
    variable, which is caught by javascript in the HTML page
    -- button 3: fscommand
    -- button 4: externalInterface calling 'window.open' directly
    with no in-page javascript
    -- Buttons 1 through 3 (top to bottom) fire an alert, put
    some text into the debug text box in the SWF and open a new window.
    -- Button 4 only opens a new window, puts some text into the
    debug text box, but no alert (because it’s a direct call to
    window.open)
    Scenario 1:
    HTML and SWF in same domain, no frames
    The original AS2 version:
    http://www.bentimagemedia.com/escalations/cs3_getURL/getURL_AS2.html
    FireFox OSX – all pass
    FireFox XP – all pass
    IE6 XP – all pass
    IE7 Vista - all pass
    The AS3 version:
    http://www.bentimagemedia.com/escalations/cs3_getURL/getURL_AS3.html
    FireFox OSX – all pass
    FireFox XP – all pass
    IE6 XP – all pass
    IE7 Vista - all pass
    Scenario 2:
    HTML and SWF in same domain, frameset, calls going to same
    frames – this setup has two horizontal frames with the AS2
    version of the SWF in the top, the AS3 version in the bottom.
    http://www.bentimagemedia.com/escalations/cs3_getURL/frames/getURL_frames.html
    FireFox OSX – all pass
    FireFox XP – all pass
    IE6 XP – all pass
    IE7 Vista - all pass
    Scenario 3: (THIS IS ISSUE TWO ABOVE)
    HTML and SWF on different domains, calls going to the same
    frames – same swf’s, same setup with modified HTML. The
    HTML lives on bentimagemedia, but the SWF’s are embedded from
    supportflash.com
    http://www.bentimagemedia.com/escalations/cs3_getURL/frames_crossdomain/getURL_frames_crossdomain.html
    FireFox OSX – all pass
    FireFox XP - all pass
    IE6 XP – Button 1 getURL("javascript"...) fires
    function, but does not open new window.
    - all other buttons pass
    IE7 Vista - Button 1 getURL("javascript...) fires function,
    no new window same as IE6.
    -- all other buttons pass

  • Is Flash Player a security risk?

    I got a message to update Flash Player and to download installation from the internet. Is this safe? I remember reading about Flash Player being a security risk a while ago.

    Two bugs, one affecting Apple's Mac platform and another attacking Microsoft's Windows, exploit certain Flash player vulnerabilities to install malware onto users' systems, reports ArsTechnica. While users of other operating systems like Linux have yet to report attacks, Adobe's advisory notes the exploit affects all platforms.
    Designated as CVE-2013-0634, the first vulnerability targets the Safari and Firefox Web browsers running on OS X, and is also being used as a trojan to deploy Microsoft Word documents containing malware. For Mac users, the flaw affects Adobe Flash Player version 11.5.502.146 or earlier.
    On March 1, 2013 Apple again blocked Flash Player for Lion and Mountain Lion:
    http://support.apple.com/kb/HT5660
    The Adobe Flash patch can be found on Adobe’s website, and users can visit this page to check if their software is the most current version.
    You should uninstall any previous version first, and repair permissions after installing the new version.
    If you still get a ‘plug-ins blocked’ message:
    http://support.apple.com/kb/HT5271

  • Adobe Flash Player Security Updates after Windows XP End of Support

    Hi,
    I have to check up for our customer, whether there will be any Security Updates for Adobe Flash Player on Windows XP after End of Support next year.
    Haven't found any information on the web :-(
    Thanks in advance,
    Nicolai

    I don't know, and like you, haven't seen anything.
    Here's what I do know.
    Android dropped ALL support for Flash Player June 2012 and Adobe continued to develop and release security updates for the older Android Flash Player versions up till September 10 of this year.
    Support for Linux ended with version 11.2, but security fixes for Linux Flash Player are still being developed and released.
    Given the still-widespread use of XP in schools and corporate environments, I'd have to say that support (at least security updates) will go on for a while after next June14 when Microsoft officially "sunsets" XP. How long that will be is not info I have.
