[Snort-users] Adobe Flash outdated
edwardfjellskaal at ...11827...
Wed Aug 22 07:55:11 EDT 2012
On 08/21/2012 06:07 PM, Paul Cable wrote:
> Here is the payload from a flash advert.
> GET /res/2206/40305/39242.swf HTTP/1.1 Accept: */* Accept-Language: en-US Referer:
> x-flash-version: 11,3,300,271 Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64;
> Trident/5.0) Host: usweb.dotomi.com Connection: Keep-Alive
> And according to Adobe's website:
> Newest version is 11.3.300.271
> I'm getting this message from multiple machines in my office of about 20 clients. Just counting today 15 different systems have spawned this message.
> -----Original Message-----
> From: Castle, Shane [mailto:scastle at ...14946...]
> Sent: Tuesday, August 21, 2012 11:07 AM
> To: Paul Cable; snort-users at lists.sourceforge.net
> Subject: RE: Adobe Flash outdated
> It's probably a TP, and it refers to the installation of Flash that an IE browser is using. Auto-update doesn't always seem to work, and if the Flash installation is old enough, it isn't there.
> In fact, I'd go so far as to say that Adobe's auto-update is broken. Try downloading and running Secunia PSI on a couple of those systems and see what it tells you.
And then there was this :)
"Users of Adobe Flash Player 11.3.300.271 and earlier versions for
Windows and Macintosh should update to Adobe Flash Player 11.4.402.265."
More information about the Snort-users