funsec mailing list archives
Re: XP SP3 Installs Older, Vulnerable Version of Flash Player
From: "Larry Seltzer" <larry () larryseltzer com>
Date: Mon, 2 Jun 2008 21:21:47 -0400
I'm pretty sure it's just the ActiveX. The advisory (http://www.microsoft.com/technet/security/Bulletin/MS06-069.mspx) says, among other things, "This security update installs Flash6.ocx version 6.0.88.0and removes the version of Flash.ocx it is replacing" and makes no mention of plugins Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ http://blogs.pcmag.com/securitywatch/ Contributing Editor, PC Magazine larry.seltzer () ziffdavisenterprise com -----Original Message----- From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Jeff Kell Sent: Monday, June 02, 2008 6:57 PM To: funsec () linuxbox org Subject: Re: [funsec] XP SP3 Installs Older,Vulnerable Version of Flash Player Dave Nelson wrote:
IIRC Microsoft's reasoning for not shipping SP3 with a newer version
was
that their license for flash only covered the older version that they include in the update.
Does it reinstall the older ActiveX, the older plugin [e.g., Firefox], or both? Jeff _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- XP SP3 Installs Older, Vulnerable Version of Flash Player Paul Ferguson (Jun 02)
- Re: XP SP3 Installs Older, Vulnerable Version of Flash Player Dave Nelson (Jun 02)
- Re: XP SP3 Installs Older, Vulnerable Version of Flash Player Jeff Kell (Jun 02)
- Re: XP SP3 Installs Older, Vulnerable Version of Flash Player Dave Nelson (Jun 02)
- Re: XP SP3 Installs Older, Vulnerable Version of Flash Player Larry Seltzer (Jun 02)
- Re: XP SP3 Installs Older, Vulnerable Version of Flash Player Larry Seltzer (Jun 02)
- Re: XP SP3 Installs Older, Vulnerable Version of Flash Player Jeff Kell (Jun 02)
- Re: XP SP3 Installs Older, Vulnerable Version of Flash Player Dave Nelson (Jun 02)