Is it Time to Uninstall Flash? (If you haven't already)

Published: 2018-12-06. Last Updated: 2018-12-06 19:42:00 UTC
by Rob VandenBrink (Version: 1)
2 comment(s)

If you haven't uninstalled Flash yet, maybe today should be that day.  The update posted yesterday has a remote code exec proof-of-concept already here:
https://github.com/smgorelik/Windows-RCE-exploits/blob/master/Documents/Office%2BFlash/CVE-2018-15982_%23PoC%23.zip

And Gigamon has posted that it's being seen in the wild already:
https://atr-blog.gigamon.com/2018/12/05/adobe-flash-zero-day-exploited-in-the-wild/

 

===============
Rob VandenBrink
Compugen

Keywords:
2 comment(s)

Comments

Are there Registry Hacks to kill off Flash in Windows 10?
Yes, Flash doesn't show up correctly in the "wmic product" list, so the standard powershell uninstall methods can be a problem.
Most application managers do handle Flash correctly, but if you don't have a software inventory / mgt app, Adobe has a "this uninstalls all versions" executable here:
http://download.macromedia.com/get/flashplayer/current/support/uninstall_flash_player.exe
Once it's downloaded, run (with admin rights) "uninstall_flash_player -uninstall" (this bypasses the "OK" user prompt)
It's not 100%, but I've had good luck with it so far (including on Windows 10).

Diary Archives