• Quick note - the problem with Youtube videos not embedding on the forum appears to have been fixed, thanks to ZiprHead. If you do still see problems let me know.

Adobe Flash plug-in issue

Minoosh

Penultimate Amazing
Minoosh
Joined
Jul 15, 2011
Messages
12,761
I keep getting dysfunctional videos that inform me "Firefox has prevented the outdated plugin 'Adobe Flash' from running." I'm told it's "vulnerable." A click will give me an option: "Allow now" or "Allow and remember." It comes up with other browsers as well.

There are links to install the update, but I just go in a circle; I install the installer, but clicking through to install the update does not work. I just end up with multiple copies of the installer. I try to uninstall and start over, and the same thing happens.

How is it "vulnerable"? Security? Other than that it's mainly an annoyance; I can "Allow Now" and get the CNN videos, though that IMO is a very clumsy website (user malfunction definitely possible).

If anyone can give me some insight on the pitfalls I face I'd appreciate it. Sometimes I think some websites are being difficult just to keep the user on the site longer.

Any help appreciated. Thanks.

The "vulnerable" part worries me ... does that mean?

ETA: Same thing with Silverlight on Netflix.
 
Last edited:
I just tried and it worked for me. Clicked the install update link, after the installer downloaded I ran the installer then restarted Firefox and Flash was now at R24.0 r0.

You can try manually running one of the downloaded copies of the installer from the downloads folder in File Explorer. If the installer still doesn't run try upgrading from the Firefox "Plugins" tab of the "Add-ons" page. If none of that gets the Flash installer to complete then I'd start thinking that something is very messed up on the PC, possibly malware that prevents the security update.

For Silverlight I find it's best to do the updates through the Windows Update system, (it's usually listed as an optional update)
 
It's not the website making that message, it's Firefox.

When a security vulnerability is fixed in Flash, Firefox headquarters keeps a record of the latest 'fully fixed' version. When you try to use your current Flash, it's version is checked against that 'latest fixed' version. If you're not using that one or a newer one, the web browser itself warns you that the version you have may allow people/websites to abuse bugs in your version to do naughty things to your computer. Sometimes the bug just allows people to read your files, sometimes it allows them to change those files, sometimes it allows them to rewrite parts of the operating system code itself and turn your computer into an unwitting accomplice in denial-of-service attacks worldwide.
 
Last edited:
paulhutch said:
If none of that gets the Flash installer to complete then I'd start thinking that something is very messed up on the PC, possibly malware that prevents the security update.
Click to expand...

It's a Mac - does that make any difference?
 
I've had problems with friggin Firefox ever since I switched to it and this is one of them (on PC not a mac). I guess it's back to Vivaldi :(
 
GodMark2 said:
If you're not using that one or a newer one, the web browser itself warns you that the version you have may allow people/websites to abuse bugs in your version to do naughty things to your computer. Sometimes the bug just allows people to read your files, sometimes it allows them to change those files, sometimes it allows them to rewrite parts of the operating system code itself and turn your computer into an unwitting accomplice in denial-of-service attacks worldwide.
Click to expand...
When you talk about people reading my files, are you talking about a guy sitting in a chair in front of his computer reading things on my computer?

Is it really that small and personal, or are you talking about hundreds of thousands or millions?

I regularly have this conversation with my mother who is paranoid about intrusion on her computer. She has envisioned a living person sitting at the other end doing nefarious things to her computer on an individual level.

I try to explain to her that these security concerns are not like that. I mean, I've never heard of anyone losing their house, or even their shirt, because of an Adobe Flash plug-in issue.
 
Last edited:
William Parcher said:
When you talk about people reading my files, are you talking about a guy sitting in a chair in front of his computer reading things on my computer?

Is it really that small and personal, or are you talking about hundreds of thousands or millions?

I regularly have this conversation with my mother who is paranoid about intrusion on her computer. She has envisioned a living person sitting at the other end doing nefarious things to her computer on an individual level.

I try to explain to her that these security concerns are not like that. I mean, I've never heard of anyone losing their house, or even their shirt, because of an Adobe Flash plug-in issue.
Click to expand...

Expecially with Macs, as they are relatively secure re: displacements. Still, not super-thrilled as the learn more in contemporary plans.
 
It should be noted that the browser makers are continuing to become more Flash intolerant with the planned result being to eliminate Flash compatibility completely. Flash is pretty much a security problem from the ground up.

There will come a point in the near future where anyone who wants to view Flash content on the web will have to use a legacy product to do so.
 
Last edited:
For what it's worth: I'm on a Mac, and if I get pop-ups telling me anything regarding flash, they're very very often thinly disguised attempts of delivering a trojan.

I usually keep my flash up-to-date manually, by checking via http://www.adobe.com/software/flash/about/ (which tells you which version you have installed, and which version is current for all platforms).

Every once in a while, I miss one update, and get a legit pop-up. I never use this pop-up, and instead go to the mentioned source at Adobe directly. Every once in a while, I also found out that the pop-up was NOT legit, and my installed flash WAS still up-to-date (which is why I started doing the above procedure in the first place).

For the last year or so, however, all such pop-ups I encountered were fake ones (tough I do not frequent a lot of big name video deliverers like CNN.com* very often, and I encounter such pop-ups often on pages where such a practice is to be expected :D ).

Can't speak for Netflix or silverlight, but given that Microsoft has stopped development (besides security updates), recommends 3rd party developers to not use it anymore, and Netflix is about to kick it out...

*ETA: I just went to CNN.com and viewed a video. I have the Click-to-Flash extension of Safari, and CNN.com is not whitelisted (since I don't watch video there very often). The video played without me needing to click, meaning it was delivered via HTML5, not flash.
 
Last edited:
I agree with elgarak, be very war of any flash update notice, always go Adobe to get them. Ninite is a great place to get Silverlight, unfortunately or finance software is Silverlight based.

(And yes Firefox does take some futzing for Flash player)

https://ninite.com/
 
William Parcher said:
When you talk about people reading my files, are you talking about a guy sitting in a chair in front of his computer reading things on my computer?
Is it really that small and personal, or are you talking about hundreds of thousands or millions?

I regularly have this conversation with my mother who is paranoid about intrusion on her computer. She has envisioned a living person sitting at the other end doing nefarious things to her computer on an individual level.

I try to explain to her that these security concerns are not like that. I mean, I've never heard of anyone losing their house, or even their shirt, because of an Adobe Flash plug-in issue.
Click to expand...

Most likely, no. That guy will have written the malware to read your files, look for interesting bits, bundle them up, and send them to him, where they will either sit around until he gathers enough of those to interest a buyer, or until he feeds the batch numbers to another program. What happens to any individual bit of data depends type of info. Bank accounts get fed into another program that directly tries to drain accounts, each account number used independently. Social Security numbers get correlated with age/sex/address/phone, etc to be resold to people looking to change their slightly soiled identity for the clean one you have been using.

You won't directly loose your house. But, if someone opens up multiple credit cards in your name using your SSN and your address and your phone number, and maxes them all with cash advances, you will have to work very hard to try and prove it wasn't you. When the card companies come looking to collect the thousands of dollars in payments, that house is a tough asset to hide.

On the slightly more personal side is ransomware, which tries to hold your computer hostage (possibly by encrypting all your files, possibly by just not allowing you to boot to a desktop) until you pay them some money (often bitcoins, which are hard to trace). It's still just a mass-market affair to the people creating the malware, they don't actually read any of the files. But to you, it's about as personal as a mugging in broad daylight. I'm not aware of any ransomware being spread through Adobe Flash, but anything that can allow unfettered access to your computer to an outside program could be used to do it.
 
Babbylonian said:
It should be noted that the browser makers are continuing to become more Flash intolerant with the planned result being to eliminate Flash compatibility completely. Flash is pretty much a security problem from the ground up.

There will come a point in the near future where anyone who wants to view Flash content on the web will have to use a legacy product to do so.
Click to expand...

I do a lot of browsing on Android tablets, which do not support flash. A few years ago, this was an annoyance, but now just about any web site I have any interest in viewing is using HTML5 for video. My reaction when seeing a message to update flash, or more often, just a blank space on the page with a "missing plugin" icon is, "Your site still uses flash? WTF is wrong with you people?
 
CORed said:
I do a lot of browsing on Android tablets, which do not support flash. A few years ago, this was an annoyance, but now just about any web site I have any interest in viewing is using HTML5 for video. My reaction when seeing a message to update flash, or more often, just a blank space on the page with a "missing plugin" icon is, "Your site still uses flash? WTF is wrong with you people?
Click to expand...

You conclusion is, while not exactly wrong, not very relevant. As I said: There's tons of pages out there which pop up "Update Flash", when, in fact, do not deliver an updated flash. And the page in question is not actually using flash... It's just that it's made to appear to deliver something that's commonly delivered via flash, counting on clueless users. It's a classic Trojan horse con.

It also pops up on mostly 'safe' sites, often via an hijacked ad delivery.

On a related note:

When I install flash, I am presented with three options: Update automatically, get notification, don't get notifications.

First option is out (I don't trust Adobe in general, or flash in particular, given the security issues it has), third is useless. So I opt to get notifications.

Thing is, I cannot recall when the last time was I got a genuine, legit notification from Adobe about flash updates. None, zip, zilch. Might as well check "don't get notifications".

Nowadays, I get 'notifications' about a major flash update from news (taking the word is a broad sense). Or when I decide to check myself. ALL notifications in recent times popping up on my machine are fake ones. Not that I use them. I don't know if they're malicious (but it's more likely than not), but they don't come from Adobe. I get rid of them, and then check manually. (They're mostly not done well, anyway. Spelling errors, or use different design elements than Adobe. Not that Adobe does a particular good job to make things easy. They don't, by changing up details just so much that con deliveries are juuuust about believable.)
 
Last edited:
Minoosh said:
I keep getting dysfunctional videos that inform me "Firefox has prevented the outdated plugin 'Adobe Flash' from running." I'm told it's "vulnerable." A click will give me an option: "Allow now" or "Allow and remember." It comes up with other browsers as well.

There are links to install the update, but I just go in a circle; I install the installer, but clicking through to install the update does not work. I just end up with multiple copies of the installer. I try to uninstall and start over, and the same thing happens.

How is it "vulnerable"? Security? Other than that it's mainly an annoyance; I can "Allow Now" and get the CNN videos, though that IMO is a very clumsy website (user malfunction definitely possible).

If anyone can give me some insight on the pitfalls I face I'd appreciate it. Sometimes I think some websites are being difficult just to keep the user on the site longer.

Any help appreciated. Thanks.

The "vulnerable" part worries me ... does that mean?

ETA: Same thing with Silverlight on Netflix.
Click to expand...

Well...then God Bless Firefox.

Adobe is Satan: no computer - no matter how powerful - can run it without crashing or freezing.

That's a fact.
 
William Parcher said:
I run Adobe Flash Player. My computer does not crash or freeze.

That's a fact.
Click to expand...

The player, or the plugin? The plugin is more problematic, because when the player is (apparently) stuck in an infinite loop, you can see that it is still running and shut it down. I don't get crashes or freezes, but one continuously maxed out cpu core is very common.

They also put out updates at a terrifying rate. Something is wrong with the code base or development and testing process, or that wouldn't happen. The rate has gone down lately, so maybe things are improving.
 
You must log in or register to reply here.

Back
Top Bottom