Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Flash Player 10.x auto-update discrepancy

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
PSI 2.0 Beta

This thread has been marked as resolved.
silvatek Flash Player 10.x auto-update discrepancy
Member 18th Aug, 2010 23:25
Ranking: 11
Posts: 51
User Since: 31st Aug, 2008
System Score: N/A
Location: UK
Following a full scan Secunia PSI 1.9.0.2 is telling me that Adobe Flash Player 10.1.53.64 (ActiveX) is insecure (a Zombie file - whatever that is), whereas the auto-updater tab tells me that I have version 10.1.82.76 installed.

Installation path: C:\Windows\System32\Macromed\Flash\Flash10h.ocx

This is slightly contradictory.

Post "RE: Flash Player 10.x auto-update discrepancy" has been selected as an answer.
taffy078 RE: Flash Player 10.x auto-update discrepancy
Contributor 19th Aug, 2010 08:00
Score: 408
Posts: 1,340
User Since: 26th Feb 2009
System Score: 100%
Location: UK
Hi silvatek.

You'll probably find the answer in Maurice Joyce's posts here:

http://secunia.com/community/forum/thread/show/513...

This one should also help:

http://secunia.com/community/forum/thread/show/508...

These problems can be a real pain! As you'll see from the above and also:

http://secunia.com/community/forum/thread/show/509...

Follow the instructions there and then please post back to tell us how you got on. :0)

--
taffy078, West Yorkshire, UK

Desktop: Compaq Presario (OEM) 32 bit / AMD Athlon / 2 GB RAM
XP Home - SP3/ IE8/ Norton IS - Secunia PSI v2.0.0.3003

Laptop: Win 7 / IE11 / PSI v2.0.0.3003
Was this reply relevant?
+1
-0
This user no longer exists RE: Flash Player 10.x auto-update discrepancy
Member 19th Aug, 2010 08:38
Hi,

A "Zombie file" is an old version of an installed program that was left behind when you updated the application. If you hover your mouse over the term, as well as other terms you are having problems understanding, a mouse-over with an explaination should appear. Otherwise, of course, feel free to ask.

hope this helps.
Was this reply relevant?
+0
-0
silvatek RE: Flash Player 10.x auto-update discrepancy
Member 19th Aug, 2010 10:18
Score: 11
Posts: 51
User Since: 31st Aug 2008
System Score: N/A
Location: UK
1. The path for the Zombie file appears to be where Flash is supposed to be.

2. If Secunia is preventing Flash updating, then maybe Secunia had better stop using it.

3. Hovering over the Insecure entry for Flash only gives me a popup showing the path. Hovering over the question marks gives me generic info. I can't find any popups about Zombie files.

I'm going to ignore the warning until FileHippo tells me that there's an update available. After all, PSI Auto Update is telling me that I have the current version installed.

All the posts you referred me to are very complicated. There must be an easier way to keep Flash up to date. I read one comment saying to uninstall the Adobe Installer. I've a feeling the Installer keeps Adobe products up to date. Unfortunately, it also installs Adobe Reader without telling you.

David
Was this reply relevant?
+0
-0
Maurice Joyce RE: Flash Player 10.x auto-update discrepancy
Handling Contributor 19th Aug, 2010 10:34
Score: 11799
Posts: 9,040
User Since: 4th Jan 2009
System Score: N/A
Location: UK
David,
All U need to do to remove the zombie file is:

CLOSE:
a. All Browsers.
b. PSI.
c. Windows Messenger.
d. Incredimail.
e. Adobe Free Reader.


Now navigate to C:\Windows\System32\Macromed\Flash\Flash10h.ocx

Right click & delete that entry.

The key to updating Flash is not to have anything running that is using it.

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+3
-0
taffy078 RE: Flash Player 10.x auto-update discrepancy
Contributor 19th Aug, 2010 10:35
Score: 408
Posts: 1,340
User Since: 26th Feb 2009
System Score: 100%
Location: UK
Last edited on 19th Aug, 2010 10:38
on 19th Aug, 2010 10:18, silvatek wrote:


All the posts you referred me to are very complicated. There must be an easier way to keep Flash up to date. I read one comment saying to uninstall the Adobe Installer. I've a feeling the Installer keeps Adobe products up to date. Unfortunately, it also installs Adobe Reader without telling you.

David


If you concentrate on Maurice's procedure, you'll find it's not complicated - honestly, David.
It is long but it needs to be. You are right to emphasise that some Adobe downloads are full of bloatware - Maurice warns of this too.

I can understand your reluctance though and I hope that Maurice will now post some more advice for you, as Emil has done.

EDIT - crossed with Maurice's

--
taffy078, West Yorkshire, UK

Desktop: Compaq Presario (OEM) 32 bit / AMD Athlon / 2 GB RAM
XP Home - SP3/ IE8/ Norton IS - Secunia PSI v2.0.0.3003

Laptop: Win 7 / IE11 / PSI v2.0.0.3003
Was this reply relevant?
+1
-0
silvatek RE: Flash Player 10.x auto-update discrepancy
Member 19th Aug, 2010 11:31
Score: 11
Posts: 51
User Since: 31st Aug 2008
System Score: N/A
Location: UK
I closed everything that uses Flash, then ran the Flash Uninstaller, then downloaded and installed the latest versions. Re-ran the PSI scan and all okay again.

What is annoying is that I already did all this a week ago. Adobe should automatically clean out any old versions of an application prior to installing the latest release. The same goes for Chrome. I get fed up of having to manually remove prior versions of Google Chrome every time it decides to update itself.

There are millions of computer users out there who haven't the first clue that any of this is happening and honestly don't care. It's only interfering paranoids like myself who actually take the (wasted) time to keep the innards of their Windows installations up to date and clean.

Thanks guys.
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer