Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Do NOT upgrade to Adobe Flash Player v11.3.300.257

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
Adobe Systems
And, this specific program:
Adobe Flash Player 11.x

This thread has been marked as locked.
TitanFoxX Do NOT upgrade to Adobe Flash Player v11.3.300.257
Member 13th Jun, 2012 12:50
Ranking: 0
Posts: 2
User Since: 7th Oct, 2011
System Score: N/A
Location: N/A
Hello everyone,

I strongly advise you all NOT to upgrade to the most recent Flash Player v11.3.300.257.

It contains some serious bugs :

- Plugin-Container.exe crashes all the time in Mozilla Firefox v13, even when visiting websites without Adobe Flash content

- Choppy audio- en videoplayback

- Flash content does not show correctly (on Youtube parts of the player just disappeared

Temporary workaround :

1) Download the Adobe Flash Uninstaller from : http://helpx.adobe.com/flash-player/kb/uninstall-f...

2) Download the previous version of Adobe Flash Player (v11.2.202.235) from : http://www.oldapps.com/flash_player.php

Make sure you have the corresponding Flash Player suitable for your OS (32 or 64-bit) and browser (Internet Explorer or NON-IE browsers)

3) Install Adobe Flash Player v11.2.202.235

4) While installing, disable the automatic update feature in Adobe Flash Player.

5) Disable automatic update in Secunia PSI, otherwise you'll be back on Adobe Flash Player v11.3.300.257 before you know it.

I talked with technical support of Adobe. They can't provide a direct solution at this very time. We'll have to wait till they release the next version of Adobe Flash Player to see if these bugs are solved.

Take care !
Ruud Bos
The Netherlands

ddmarshall RE: Do NOT upgrade to Adobe Flash Player v11.3.300.257
Dedicated Contributor 13th Jun, 2012 14:51
Score: 1210
Posts: 961
User Since: 8th Nov 2008
System Score: 98%
Location: UK
Anyone having these problems can also try disabling Protected Mode instead of reverting to 11.2
http://forums.adobe.com/thread/1018071

If you install 11.2, consider installing EMET and adding firefox.exe and plugin-container.exe to the list of Applications with mitigations applied.
http://www.microsoft.com/en-us/download/details.as...

EMET conflicts with Trusteer Rapport, which is promoted as additional security by several banks.

--
This answer is provided “as-is.” You bear the risk of using it.
Was this reply relevant?
+0
-0
Anthony Wells RE: Do NOT upgrade to Adobe Flash Player v11.3.300.257
Expert Contributor 14th Jun, 2012 00:14
Score: 2445
Posts: 3,332
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

Hi ,

As I have posted on another thread , then Firefox with the old/insecure Flash 11.2 sounds mighty dubious as a choice .

As an alternative , you might want to consider Google Chrome with it's in built protected module/sandbox for Flash or at least use a distinct software sandbox such as "Sandboxie" until the problem is resolved .

Take care

Anthony



--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0
TitanFoxX RE: Do NOT upgrade to Adobe Flash Player v11.3.300.257
Member 14th Jun, 2012 23:26
Score: 0
Posts: 2
User Since: 7th Oct 2011
System Score: N/A
Location: N/A
Dear Anthony Wells,

I don't see why Adobe Flash Player v11.2 would be a bad choice per definition. You say that it is more insecure than the actual Flash Player v11.3.

This might be right in theory. However, this statement is relatively. Adobe Flash Player has always been a potential security risk. Newer versions often patch known security leaks but often create new security threads as well. This means that a new version can also pose a bigger thread then the old version.

The only difference is that the security threads in the new version aren't detectable immediately. Believing that a new version of Adobe Flash Player is perfect is naiv.

Come on, are you serious ? Installing Google Chrome as alternative for Mozilla Firefox ? I thought you were worried about security threads ? I rather use a decent browser (Firefox) with Adobe Flash Player v11.2 then installing Google Chrome; a browser that collects your surfing history and sells them to third party developers to send you personalised commercials and spam.

Personally I belive that Google Chrome causes a larger security thread (especially when it comes to privacy-) then a older version of Adobe Flash Player.
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability