Last week Symantec semi-sensationalized a serious threat concerning Flash by calling it a zero day vulnerability (meaning no patch is available). While there were reports of over 20,000 legit websites being hacked to host malicious flash files, the most current version actually is immune to the threat. So the threat is VERY REAL, but it's not like there's nothing you can do about it short of uninstalling Flash or setting a temporary "kill-bit switch" ... which is essentially what Symantec was saying. They have since clarified the current version is immune to the threat.
How can I tell if I'm vulnerable?
The easiest way is by checking the filename. Open %windows%\system32\macromed\flash\. The current file should be named flash9f.ocx. If this is the file you see, you are immune. Any version less than this is vulnerable.
How do I update my home computer?
If you don't know if you're vulnerable or not, please just take 45 seconds to update it. Click
here to visit Adobe's flash update page.
How do I deploy it across my entire network?
So if you're an IT admin for a company you may be asking yourself... "are you telling me I have to go to every single computer one-by-one and point every computer's browser to adobe.com to update flash???" The answer is NO. Whether you have 10 computers or 1,000, simply use group policy to deploy it. The trick is to know where to download the .msi package from Macromedia. Download it directly from Macromedia
here.
Then follow these instructions for deploying applications with Group Policy. Note: you don't even need to worry about creating an MSI -
the download supplied above is already packaged as an .msi file.
Just a heads up, it may be best to assign it to the user, and not the computer. Our experience has found boot-time hang ups when assigning it to computers.
Contact Us!
Please use the form below to contact us for questions about this information, to report dead-links, or for any other reason.