Relating to this vendor:
And, this specific program:
Adobe Flash Player 11.x
|DaaBoss||v 202.235 NOT signed by Adobe??|
|8th May, 2012 02:07|
User Since: 31st Aug, 2011
System Score: N/A
Last edited on 8th May, 2012 02:25
I hit the "Install Solution" button, which generally takes me to an Adobe site and downloads the file. This time, my browser simply downloaded the file, and then I ran it after downloading manually. But, this time, the W7 UAC told me it was "Publisher Unknown", which I didn't take note of at the time. But, when I ran it, nothing visible happened. I ran it again, and watched process explorer while opening it, and then exiting a few seconds later, with no UI showing.
Next, I ran FileAlyzer2 to see if anything was strange. I found only one noticeable item, shown after the hashes below.
Here are the hashes for the file as reported. Can someone verify if this is truly the right file and it is from Adobe??
CRC-16 (CCITT): F3EA
CRC-16 (Standard): 052C
The anomoly is this:
PE checksum does not match content
The checksum calculated for this file (00443CB2) does not match the checksum stored inside the PE header (000365A5).
Next I noticed that it was downloaded from DL.SECUNIA.COM and not Adobe. And, it was HTTP and not HTTPS So, one of my questions is: What happens if someone somehow places a different file on that server with the same file name?
This is the first time I've posted out here for quite some time. I'm not generally paranoid, or, at least I don't usually worry because I've been paranoid at the right times. But this is a bothersome problem for me, and need to know how to have confidence that the install files I'm running are the right ones.
Post here if you need more details. Here is the log file for the install of the Flash file:
Adobe Flash Player 11.x
C:\Windows\SysWOW64\Macromed\Flash\Flash11f.ocx, version: 18.104.22.168 (ActiveX)
Last System Scan (localtime):
3. May 2012, 23:01
Microsoft Windows 7, Microsoft Windows 7
|This user no longer exists||RE: v 202.235 NOT signed by Adobe??|
|8th May, 2012 09:46|
As you can see, it was a file downloaded from "http://dl.secunia.com/SPS/".
Any package found here is a "Secunia Packaging System" package. This means that we repack the binary (Without altering the contents) to make silent installation simpler.
The contents themselves, however, are unmodified - We only provide a binary wrapper around the vendor installer.
hope this helps.
|ddmarshall||RE: v 202.235 NOT signed by Adobe??|
|8th May, 2012 11:02|
User Since: 8th Nov 2008
System Score: 100%
|You also seem to be suffering from the previously noted phenomenon of PSI 2.0 failing to update both the Flash Player ActiveX and Netscape Plugin simultaneously. The ActiveX is version 11.1 and the Plugin is 11.2.
I recommend that you go to http://www.adobe.com/software/flash/about/ with Internet Explorer and another browser such as Firefox to verify that you have the latest versions installed. If not, download from here: http://get.adobe.com/flashplayer/ .
The latest version of the Flash Player Updater will update both versions automatically if you set the Flash Player options to check for updates and install them automatically.
This answer is provided “as-is.” You bear the risk of using it.
Not a customer already?
Learn more about how our market leading Vulnerability Management solutions can help you manage risk and ensure compliance.