Jump to content
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble

MSFN is made available via donations, subscriptions and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. Alternatively, register and become a site sponsor/subscriber and ads will be disabled automatically. 


dencorso

Newest Adobe Flash and Shockwave, and Java, too!

Recommended Posts

9 hours ago, dencorso said:

how do we know Adobe Flash player v32.0.0.171 [sic] is actually the last one not to contain a time-bomb? Or we don't really know that, do we?

See Dr. Drill’s July 28 post.

  • Like 1

Share this post


Link to post
Share on other sites

15 hours ago, VistaLover said:

Off-topic:
 

Well, people like you and me need to "spend" ;) there, period:

https://archive.org/donate/

(I have donated twice in the past... :yes: )

On-topic:

As a friendly reminder, Adobe Flash player v32.0.0.171 has publicly disclosed security vulnerabilities, which have been patched in later versions; as long as the vendor continues to issue updated versions (currently 32.0.0.443) and until the announced final deprecation date (31/12/2020), the wise thing to do is use a current version when facing the internet... v32.0.0.171 should only be used to play back locally stored content (.SWF files) after the last "timebombed" version ceases to function...
Just my 2 (euro)cents, of course... :whistle:

All right.

Flash Player is the most "dangerous" software to use on your PC.
It is the ideal platform for an exploit that targets a known or unknown vulnerability leading, to remote, OS compromise.

Even when the latest version of FP is released its development, including security patches, will stop while unknown vulnerabilities will still be targeted by malware writes.

Probably no later than 3/6 months from the end of the support.

  • Like 1

Share this post


Link to post
Share on other sites
26 minutes ago, Sampei.Nihira said:

All right.

Flash Player is the most "dangerous" software to use on your PC.
It is the ideal platform for an exploit that targets a known or unknown vulnerability leading, to remote, OS compromise.

Even when the latest version of FP is released its development, including security patches, will stop while unknown vulnerabilities will still be targeted by malware writes.

Probably no later than 3/6 months from the end of the support.

Fair enough, but I think Adobe should let users choose as there machines that are either offline or behind an intranet not directly connected to internet and by injecting a timebomb they'll make production machines stop working which is far more annoying and disrupting...

Share this post


Link to post
Share on other sites

Microsoft will disable Flash Player at the OS level.
Flash will die in no time even if Adobe had followed a different path.

Share this post


Link to post
Share on other sites
3 hours ago, Sampei.Nihira said:

Microsoft will disable Flash Player at the OS level.
Flash will die in no time even if Adobe had followed a different path.

MS cannot do it to XP anymore. Not easily, at least! :D

  • Like 1

Share this post


Link to post
Share on other sites
4 hours ago, Sampei.Nihira said:

If MSFN members want to install Flash Player version 171, after the end of support, please take the following precautions in the browser used:

So, you have Flash installed in your system, but not in the browser? Why keep it then? Just to fill a few MB on your drive?

6 hours ago, Sampei.Nihira said:

Flash Player is the most "dangerous" software to use on your PC.

No, the most "dangerous" software to use on your PC is Windows10. It hijacks your whole system, and you're even happy for this, lol...

 

I want to play my flash games, screw "unknown vulnerabilities" :P

  • Like 2

Share this post


Link to post
Share on other sites
On 9/14/2020 at 7:05 PM, VistaLover said:

As a friendly reminder, Adobe Flash player v32.0.0.171 has publicly disclosed security vulnerabilities, which have been patched in later versions; as long as the vendor continues to issue updated versions (currently 32.0.0.443) and until the announced final deprecation date (31/12/2020), the wise thing to do is use a current version when facing the internet... v32.0.0.171 should only be used to play back locally stored content (.SWF files) after the last "timebombed" version ceases to function...

Just my 2 (euro)cents, of course... :whistle:

Well rule of thumb with NPAPI style plugins (or similar) is leave them disabled by default in-browser, which most seem to default to nowdays anyway. I've never permuted Flash to autorun in my browser, long before I was even aware of its deprication.

Fortunately these days, or rather the last 5 years I've seen very little use for Flash. But I like retaining the functionality just to be there. Why lose access to potential content, no matter how scarce? I still have some old .swf games saved from childhood too.

Share this post


Link to post
Share on other sites
17 hours ago, dencorso said:

MS cannot do it to XP anymore. Not easily, at least! :D

That would of course involve admitting that XP still exists, and that would never do!
:D

  • Like 3

Share this post


Link to post
Share on other sites
15 hours ago, RainyShadow said:

So, you have Flash installed in your system, but not in the browser? Why keep it then? Just to fill a few MB on your drive?

No, the most "dangerous" software to use on your PC is Windows10. It hijacks your whole system, and you're even happy for this, lol...

 

I want to play my flash games, screw "unknown vulnerabilities" :P

Why do you write that I don't have the Flash plug-in in New Moon 28?
If you see better in the control panel image where it says

............NPAPI plug-in 32.0.0.433

My Flash plug-in installed in NM28 is in mode:

"Click to play"

and it is obviously hidden from any fingerprint scans in malformed web pages with exploit/malware content.
I thought it was obvious.

b2AFaRD1_o.jpg

 

To insert the image above I made it visible.
But even hidden it is fully functional.

But you naturally follow your philosophy .......;):D

 

Edited by Sampei.Nihira
  • Upvote 1

Share this post


Link to post
Share on other sites
21 hours ago, Sampei.Nihira said:

Microsoft will disable Flash Player at the OS level.
Flash will die in no time even if Adobe had followed a different path.

As always, nothing is straight forward...

Microsoft: We're getting rid of Flash by the end of the year - except you can still use it

Quote

"Microsoft confirmed that it plans to end support for Adobe Flash Player in its three browser variants at the end of the year, but the company intends to allow corporate customers to keep the outdated tech on life support beyond that date."

Adobe Flash Player EOL Enterprise Information Page

Quote

"HARMAN will be the official enterprise distributor for Flash Player providing support and security updates beyond 2020."

"After 2020, Flash Player playback will be blocked by default. This can be overridden by using enterprise enablement functionality available in Adobe’s latest release of Flash Player."

"Full details can be found in our Flash Player Administration guide (see ‘Enterprise Enablement’ section)."

Unhelpfully the document doesn't allow Copy but the Enterprise Enablement section starts on page 28. The Silver Bullet appears to be to add EOLUninstallDisable=1 to mms.cfg (this sits in C:\WINDOWS\system32\Macromed\Flash)

How easy it will be to get hold of HARMAN's versions of Flash Player, who knows. :huh:

Ben.

  • Like 1

Share this post


Link to post
Share on other sites
3 hours ago, Sampei.Nihira said:

Why do you write that I don't have the Flash plug-in in New Moon 28?

Wasn't there an empty plugins page screenshot before, huh?! This would mean not visible to the browser, not a simple "Click to play".

Am i mistaken (if so, sorry), or you edited it out... can't recall now :P

3 hours ago, Sampei.Nihira said:

To insert the image above I made it visible.
But even hidden it is fully functional.

A-ha!

It must be some trick with NM that i'm not aware of. Do you restart the browser to make it visible? If it's a simple toggle without a need to restart, i'd like to know how it's done.

A browser won't be able to start a plugin if it doesn't see it at all...

Anyways, glad to know you've worked it out :P

Share this post


Link to post
Share on other sites

"plugin.scan.plid.all" set to false.

I repeat after the end of support, if you need to browse untrusted web pages.

Obviously when you need to use Flash you have to reset to default.

________________________________________________________________

The latest build of Chrome also has Flash disabled.
If the "click to play" set to on, there is an annoying security warning.
I have conducted some tests and I think that for my current needs I will uninstall Flash from the OS.

Share this post


Link to post
Share on other sites
15 hours ago, Ben Markson said:

How easy it will be to get hold of HARMAN's versions of Flash Player, who knows.

I found where they write about Flash, but so far there are links only to Air 33 versions. Maybe links to Flash will be added later. https://services.harman.com/adobe

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...