Re: [Flashcoders] Flash security issue
My apologies for not getting back sooner. I have been pulled away from this temporarily to put out another fire. But I was wondering if this will work if the swf calls other swf files and video as well? Will the wrapper throw off the scope to the other support files? On 8/21/09 11:14 AM, Gregory Boland breakfastcof...@gmail.com wrote: thats why i'm saying create a wrapper file for that swf. take the swf that is given to you from ad wonder and import it into a .fla file. then make an .exe file out of that. On Fri, Aug 21, 2009 at 10:13 AM, Bill Jones bjo...@backemarketing.comwrote: Unfortunately, AdWonder controls the entire process. It builds the files and I simply download a stuffit file that contains the html, swf and support files. On 8/21/09 10:08 AM, Gregory Boland breakfastcof...@gmail.com wrote: create an .exe file so that when you run it from a CD you can run it standalone. Not sure about what your using, if it allows you to do that but maybe if you create a wrapper swf and load the other swf into your wrapper swf you can create an .exe file greg On Fri, Aug 21, 2009 at 9:52 AM, Bill Jones bjo...@backemarketing.com wrote: I am creating a Demo file using EyeWonder's AdWonder. It generates an html with accompanying swf and support files. I can copy the html and file folder to a disk so the client can view the finished piece locally on a stand alone laptop. Unfortunately, to view it from a CD, you have to adjust flash security setting through the Flash Player Security Manager (something the client has no idea how to do). Is there a way to bypass the security settings, or can I add some javascript (link a js file) to the html mage that will make the change transparent to the end user? _ Bill Jones Interface Developer Backe Digital Brand Marketing 35 Cricket Terrace Center Ardmore, PA 19003 Voice: 610-896-9260 x280 Fax: 610-896-9242 bjo...@backemarketing.com If you want to go forward, click Backe. ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders _ Bill Jones Interface Developer Backe Digital Brand Marketing 35 Cricket Terrace Center Ardmore, PA 19003 Voice: 610-896-9260 x280 Fax: 610-896-9242 bjo...@backemarketing.com If you want to go forward, click Backe. ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders _ Bill Jones Interface Developer Backe Digital Brand Marketing 35 Cricket Terrace Center Ardmore, PA 19003 Voice: 610-896-9260 x280 Fax: 610-896-9242 bjo...@backemarketing.com If you want to go forward, click Backe. ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders
RE: [Flashcoders] Flash security issue
You could also use a standalone webserver - I've used 'Server2Go CD-ROM Webserver' before, it's quite customisable, and also gets me past all those annoying security issues. I like it as a solution because I don't need to do an extra version (as an .exe) of my projects, and I don't need to force users to change settings they wouldn't normally need to know about, and my ExternalInterface interactions will still function as expected. C: -Original Message- From: flashcoders-boun...@chattyfig.figleaf.com [mailto:flashcoders-boun...@chattyfig.figleaf.com] On Behalf Of Gregory Boland Sent: Saturday, 22 August 2009 1:14 AM To: Flash Coders List Subject: Re: [Flashcoders] Flash security issue thats why i'm saying create a wrapper file for that swf. take the swf that is given to you from ad wonder and import it into a .fla file. then make an .exe file out of that. On Fri, Aug 21, 2009 at 10:13 AM, Bill Jones bjo...@backemarketing.comwrote: Unfortunately, AdWonder controls the entire process. It builds the files and I simply download a stuffit file that contains the html, swf and support files. On 8/21/09 10:08 AM, Gregory Boland breakfastcof...@gmail.com wrote: create an .exe file so that when you run it from a CD you can run it standalone. Not sure about what your using, if it allows you to do that but maybe if you create a wrapper swf and load the other swf into your wrapper swf you can create an .exe file greg On Fri, Aug 21, 2009 at 9:52 AM, Bill Jones bjo...@backemarketing.com wrote: I am creating a Demo file using EyeWonder's AdWonder. It generates an html with accompanying swf and support files. I can copy the html and file folder to a disk so the client can view the finished piece locally on a stand alone laptop. Unfortunately, to view it from a CD, you have to adjust flash security setting through the Flash Player Security Manager (something the client has no idea how to do). Is there a way to bypass the security settings, or can I add some javascript (link a js file) to the html mage that will make the change transparent to the end user? _ Bill Jones Interface Developer Backe Digital Brand Marketing 35 Cricket Terrace Center Ardmore, PA 19003 Voice: 610-896-9260 x280 Fax: 610-896-9242 bjo...@backemarketing.com If you want to go forward, click Backe. ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders _ Bill Jones Interface Developer Backe Digital Brand Marketing 35 Cricket Terrace Center Ardmore, PA 19003 Voice: 610-896-9260 x280 Fax: 610-896-9242 bjo...@backemarketing.com If you want to go forward, click Backe. ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders This e-mail, including any attached files, may contain confidential and privileged information for the sole use of the intended recipient. Any review, use, distribution, or disclosure by others is strictly prohibited. If you are not the intended recipient (or authorized to receive information for the intended recipient), please contact the sender by reply e-mail and delete all copies of this message. ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders
[Flashcoders] Flash security issue
I am creating a Demo file using EyeWonder's AdWonder. It generates an html with accompanying swf and support files. I can copy the html and file folder to a disk so the client can view the finished piece locally on a stand alone laptop. Unfortunately, to view it from a CD, you have to adjust flash security setting through the Flash Player Security Manager (something the client has no idea how to do). Is there a way to bypass the security settings, or can I add some javascript (link a js file) to the html mage that will make the change transparent to the end user? _ Bill Jones Interface Developer Backe Digital Brand Marketing 35 Cricket Terrace Center Ardmore, PA 19003 Voice: 610-896-9260 x280 Fax: 610-896-9242 bjo...@backemarketing.com If you want to go forward, click Backe. ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders
Re: [Flashcoders] Flash security issue
create an .exe file so that when you run it from a CD you can run it standalone. Not sure about what your using, if it allows you to do that but maybe if you create a wrapper swf and load the other swf into your wrapper swf you can create an .exe file greg On Fri, Aug 21, 2009 at 9:52 AM, Bill Jones bjo...@backemarketing.comwrote: I am creating a Demo file using EyeWonder's AdWonder. It generates an html with accompanying swf and support files. I can copy the html and file folder to a disk so the client can view the finished piece locally on a stand alone laptop. Unfortunately, to view it from a CD, you have to adjust flash security setting through the Flash Player Security Manager (something the client has no idea how to do). Is there a way to bypass the security settings, or can I add some javascript (link a js file) to the html mage that will make the change transparent to the end user? _ Bill Jones Interface Developer Backe Digital Brand Marketing 35 Cricket Terrace Center Ardmore, PA 19003 Voice: 610-896-9260 x280 Fax: 610-896-9242 bjo...@backemarketing.com If you want to go forward, click Backe. ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders
Re: [Flashcoders] Flash security issue
Unfortunately, AdWonder controls the entire process. It builds the files and I simply download a stuffit file that contains the html, swf and support files. On 8/21/09 10:08 AM, Gregory Boland breakfastcof...@gmail.com wrote: create an .exe file so that when you run it from a CD you can run it standalone. Not sure about what your using, if it allows you to do that but maybe if you create a wrapper swf and load the other swf into your wrapper swf you can create an .exe file greg On Fri, Aug 21, 2009 at 9:52 AM, Bill Jones bjo...@backemarketing.comwrote: I am creating a Demo file using EyeWonder's AdWonder. It generates an html with accompanying swf and support files. I can copy the html and file folder to a disk so the client can view the finished piece locally on a stand alone laptop. Unfortunately, to view it from a CD, you have to adjust flash security setting through the Flash Player Security Manager (something the client has no idea how to do). Is there a way to bypass the security settings, or can I add some javascript (link a js file) to the html mage that will make the change transparent to the end user? _ Bill Jones Interface Developer Backe Digital Brand Marketing 35 Cricket Terrace Center Ardmore, PA 19003 Voice: 610-896-9260 x280 Fax: 610-896-9242 bjo...@backemarketing.com If you want to go forward, click Backe. ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders _ Bill Jones Interface Developer Backe Digital Brand Marketing 35 Cricket Terrace Center Ardmore, PA 19003 Voice: 610-896-9260 x280 Fax: 610-896-9242 bjo...@backemarketing.com If you want to go forward, click Backe. ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders
Re: [Flashcoders] Flash security issue
thats why i'm saying create a wrapper file for that swf. take the swf that is given to you from ad wonder and import it into a .fla file. then make an .exe file out of that. On Fri, Aug 21, 2009 at 10:13 AM, Bill Jones bjo...@backemarketing.comwrote: Unfortunately, AdWonder controls the entire process. It builds the files and I simply download a stuffit file that contains the html, swf and support files. On 8/21/09 10:08 AM, Gregory Boland breakfastcof...@gmail.com wrote: create an .exe file so that when you run it from a CD you can run it standalone. Not sure about what your using, if it allows you to do that but maybe if you create a wrapper swf and load the other swf into your wrapper swf you can create an .exe file greg On Fri, Aug 21, 2009 at 9:52 AM, Bill Jones bjo...@backemarketing.com wrote: I am creating a Demo file using EyeWonder's AdWonder. It generates an html with accompanying swf and support files. I can copy the html and file folder to a disk so the client can view the finished piece locally on a stand alone laptop. Unfortunately, to view it from a CD, you have to adjust flash security setting through the Flash Player Security Manager (something the client has no idea how to do). Is there a way to bypass the security settings, or can I add some javascript (link a js file) to the html mage that will make the change transparent to the end user? _ Bill Jones Interface Developer Backe Digital Brand Marketing 35 Cricket Terrace Center Ardmore, PA 19003 Voice: 610-896-9260 x280 Fax: 610-896-9242 bjo...@backemarketing.com If you want to go forward, click Backe. ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders _ Bill Jones Interface Developer Backe Digital Brand Marketing 35 Cricket Terrace Center Ardmore, PA 19003 Voice: 610-896-9260 x280 Fax: 610-896-9242 bjo...@backemarketing.com If you want to go forward, click Backe. ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders
[Flashcoders] flash :: security
so i have a flash movie that is hosted on a clients server that i would like to load into an html page on my site. ive been looking at security issues with this and it seems that the getUrl functions etc are ignored. the flash file is flash 8. are there workarounds for loading external flash files like this? cheers. joshua forstot President Chief Creative Officer +agenc AD :: NO. 632 | 27762 ANTONIO PKWY L1 | LADERA RANCH, CA | 92694 TN :: 949 218 8796 WS :: www.addagenc.com ___ Flashcoders@chattyfig.figleaf.com To change your subscription options or search the archive: http://chattyfig.figleaf.com/mailman/listinfo/flashcoders Brought to you by Fig Leaf Software Premier Authorized Adobe Consulting and Training http://www.figleaf.com http://training.figleaf.com
RE: [Flashcoders] flash :: security
http://www.adobe.com/devnet/flash/articles/fplayer8_security.html Jason Merrill Bank of America Learning Organization Effectiveness - Technology Solutions -Original Message- From: [EMAIL PROTECTED] [mailto:flashcoders- [EMAIL PROTECTED] On Behalf Of :: joshua Sent: Tuesday, October 17, 2006 4:18 PM To: flashcoders@chattyfig.figleaf.com Subject: [Flashcoders] flash :: security so i have a flash movie that is hosted on a clients server that i would like to load into an html page on my site. ive been looking at security issues with this and it seems that the getUrl functions etc are ignored. the flash file is flash 8. are there workarounds for loading external flash files like this? cheers. joshua forstot President Chief Creative Officer +agenc AD :: NO. 632 | 27762 ANTONIO PKWY L1 | LADERA RANCH, CA | 92694 TN :: 949 218 8796 WS :: www.addagenc.com ___ Flashcoders@chattyfig.figleaf.com To change your subscription options or search the archive: http://chattyfig.figleaf.com/mailman/listinfo/flashcoders Brought to you by Fig Leaf Software Premier Authorized Adobe Consulting and Training http://www.figleaf.com http://training.figleaf.com ___ Flashcoders@chattyfig.figleaf.com To change your subscription options or search the archive: http://chattyfig.figleaf.com/mailman/listinfo/flashcoders Brought to you by Fig Leaf Software Premier Authorized Adobe Consulting and Training http://www.figleaf.com http://training.figleaf.com
[Flashcoders] Flash security advisories from U.S. Navy/Marines?
Anyone know anything about this? See the report below. This would effectively bring our Flash work with the U.S. Navy and Marine Corp to a screeching halt. The NMCI gold disk is the standard install of software for all computers in the Navy and Marines. Flash 7 was previously approved - now it looks like they could begin removing it from machines. It would be a long while before they approve Flash 8. And we were just about to propose a Flex option for them too. :-( Anyone know anything about this security issue? From: * Sent: Friday, December 02, 2005 1:28 PM To: Subject: FW: Flash security advisories FYI... The NMCI just blocked access to ALL swf files from their web servers (.mil domains) yesterday. We'll have to see how this plays out. ** -Original Message- From: * Sent: Thursday, December 01, 2005 4:50 PM Read below. Security vulnerabilities have been discovered in Flash. I received notice from Camp Pendleton that NMCI has once again blocked Flash mobile code from .mil networks. I confirmed with MCNOSC and asked for the info below. If we haven't already received any calls from anyone on .mil expressing issue viewing Flash activity on our site, we will soon. Apparently Macromedia recommends going to Flash Player version 8. We will meet tomorrow morning at 0930 in the CR to discuss the problem and alternative solutions. The policy will need to be reinstated by MCEN DAA to open the door again for Flash. Thanks, -Original Message- From: *** Sent: Thursday, December 01, 2005 1:46 PM To: * Subject: Flash security advisories http://www.macromedia.com/devnet/security/security_zone/mpsb05-07.html IAVA extract: Joint Task Force - Global Network Operations (JTF-GNO) Information Assurance Vulnerability Alert 2005-A-0040 TOPIC: Multiple Vulnerabilities in Macromedia Flash REFERENCE: Macromedia http://www.macromedia.com/devnet/security/security_zone/mpsb05-07.html Security Focus http://www.securityfocus.com/bid/15332/info http://www.securityfocus.com/bid/15322/info http://www.securityfocus.com/advisories/9646 2 http://www.securityfocus.com/advisories/9728 CVE NUMBER(s): CAN-2005-2628 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2628 Macromedia Flash ActionDefineFunction Memory Access Vulnerability STIG FINDING: 1CAT I THREAT ASSESSMENT: High TIMELINE SUMMARY Release Date Acknowledgement Suspense Compliance Suspense 10 November 05 12 November 05 25 November 05 REVISION HISTORY Number Date Details 1 15 Nov -05 Posted STIG FINDING ftp://www.cert.mil/pub/bulletins/dodcert2005/2005-a-0040.htm#1#1 Category. 2 21 Nov 05 Added systems to Vulnerable Systems ftp://www.cert.mil/pub/bulletins/dodcert2005/2005-a-0040.htm#Vul Sys#Vul Sys area Added link to Reference ftp://www.cert.mil/pub/bulletins/dodcert2005/2005-a-0040.htm#SUSE Advisory#SUSE Advisory area 3 29 Nov 05 Added patch link to DoD Patch Repository ftp://www.cert.mil/pub/bulletins/dodcert2005/2005-a-0040.htm#3dodpatch# 3dodpatch EXECUTIVE SUMMARY/IMPACT There are two vulnerabilities that have been identified affecting Macromedia Flash plug-ins. Macromedia Flash is a widely distributed application and is used to create simple motion graphics, video and animation for interactive websites. A plug-in adds a specific feature or service to a larger system, such as Macromedia Flash. The first vulnerability affects the Macromedia Flash Action Define Function Memory Access plug-in. This plug-in is vulnerable to an input validation error, which is when data that's entered exceeds the accepted boundaries of the application. This violation causes the application to crash, creating a Denial of Service (DoS). The second vulnerability affects the Macromedia Flash Array Index Memory Access plug-in. This plug-in is also vulnerable to an input validation error, except it is exploited by entering non-standard code into the application causing it to crash, creating the DoS. This occurs when an intruder would entice a user to download the malicious code. These vulnerabilities could result in an intruder gaining full access, executing non-standard code or causing a DoS. Macromedia Flash 6 and 7 are affected by both these vulnerabilities. The JTF-GNO has not received any reports of DoD incidents in regard to these vulnerabilities. However, a public Proof of Concept is currently circulating in the wild. TECHNICAL OVERVIEW Macromedia Flash ActionDefineFunction Memory Access Vulnerability and Macromedia Flash Array Index Memory Access Vulnerability The Flash plug-in is vulnerable to an input validation error that may be exploited to execute arbitrary code or carry out a Denial of Service (DoS) attack. These vulnerabilities
RE: [Flashcoders] Flash security advisories from U.S. Navy/Marines?
The vulnerabilities were reported on Bugtraq (http://search.securityfocus.com/swsearch?query=macromediasbm=%2Fsubmit=Se arch%21metaname=alldocsort=swishlastmodified) a couple weeks ago. The vulnerabilities involve an attacker creating a malicious .swf file and tricking a user into downloading it, similar to a web site tricking a user into downloading a virus. If you're creating a Flash application/animation for a customer, though, it's obviously not malicious, and thus the application itself is not susceptible to the attack. The problem will be political, though, convincing your DoD customer your application isn't vulnerable. Of course, the reason to ban Flash player is less about interfacing with your benign application, and more about worrying that a user will inadvertently connect to another site that *does* have a malicious .swf file. The bug is in the Flash player, and can lead to compromise of the client's system. -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Merrill, Jason Sent: Friday, December 02, 2005 1:51 PM To: Flashcoders mailing list Subject: [Flashcoders] Flash security advisories from U.S. Navy/Marines? Anyone know anything about this? See the report below. This would effectively bring our Flash work with the U.S. Navy and Marine Corp to a screeching halt. The NMCI gold disk is the standard install of software for all computers in the Navy and Marines. Flash 7 was previously approved - now it looks like they could begin removing it from machines. It would be a long while before they approve Flash 8. And we were just about to propose a Flex option for them too. :-( Anyone know anything about this security issue? From: * Sent: Friday, December 02, 2005 1:28 PM To: Subject: FW: Flash security advisories FYI... The NMCI just blocked access to ALL swf files from their web servers (.mil domains) yesterday. We'll have to see how this plays out. ** -Original Message- From: * Sent: Thursday, December 01, 2005 4:50 PM Read below. Security vulnerabilities have been discovered in Flash. I received notice from Camp Pendleton that NMCI has once again blocked Flash mobile code from .mil networks. I confirmed with MCNOSC and asked for the info below. If we haven't already received any calls from anyone on .mil expressing issue viewing Flash activity on our site, we will soon. Apparently Macromedia recommends going to Flash Player version 8. We will meet tomorrow morning at 0930 in the CR to discuss the problem and alternative solutions. The policy will need to be reinstated by MCEN DAA to open the door again for Flash. Thanks, -Original Message- From: *** Sent: Thursday, December 01, 2005 1:46 PM To: * Subject: Flash security advisories http://www.macromedia.com/devnet/security/security_zone/mpsb05-07.html IAVA extract: Joint Task Force - Global Network Operations (JTF-GNO) Information Assurance Vulnerability Alert 2005-A-0040 TOPIC: Multiple Vulnerabilities in Macromedia Flash REFERENCE: Macromedia http://www.macromedia.com/devnet/security/security_zone/mpsb05-07.html Security Focus http://www.securityfocus.com/bid/15332/info http://www.securityfocus.com/bid/15322/info http://www.securityfocus.com/advisories/9646 2 http://www.securityfocus.com/advisories/9728 CVE NUMBER(s): CAN-2005-2628 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2628 Macromedia Flash ActionDefineFunction Memory Access Vulnerability STIG FINDING: 1CAT I THREAT ASSESSMENT: High TIMELINE SUMMARY Release Date Acknowledgement Suspense Compliance Suspense 10 November 05 12 November 05 25 November 05 REVISION HISTORY Number Date Details 1 15 Nov -05 Posted STIG FINDING ftp://www.cert.mil/pub/bulletins/dodcert2005/2005-a-0040.htm#1#1 Category. 2 21 Nov 05 Added systems to Vulnerable Systems ftp://www.cert.mil/pub/bulletins/dodcert2005/2005-a-0040.htm#Vul Sys#Vul Sys area Added link to Reference ftp://www.cert.mil/pub/bulletins/dodcert2005/2005-a-0040.htm#SUSE Advisory#SUSE Advisory area 3 29 Nov 05 Added patch link to DoD Patch Repository ftp://www.cert.mil/pub/bulletins/dodcert2005/2005-a-0040.htm#3dodpatch# 3dodpatch EXECUTIVE SUMMARY/IMPACT There are two vulnerabilities that have been identified affecting Macromedia Flash plug-ins. Macromedia Flash is a widely distributed application and is used to create simple motion graphics, video and animation for interactive websites. A plug-in adds a specific feature or service to a larger system, such as Macromedia Flash. The first vulnerability affects the Macromedia Flash Action Define Function Memory Access plug-in. This plug-in is vulnerable to an input validation error, which
Re: [Flashcoders] Flash security advisories from U.S. Navy/Marines?
Merrill, Jason wrote: Anyone know anything about this? See the report below. It sounds like they're talking about the security advisory released last month, which is addressed by either (a) on modern operating systems using the current Macromedia Flash Player, 8.0 generation; or (b) on Win95, WinNT, classic Mac or Linux, using the updated 7.x Players. http://www.macromedia.com/devnet/security/security_zone/mpsb05-07.html For what it's worth, I just did a quick Google search, and the SWF I checked were still playing: http://www.google.com/search?q=inurl:mil+macromedia Thanks for the heads-up, though, I'll spread the word here. Seems like their normal software update process should do it...? jd -- John Dowdell . Macromedia Developer Support . San Francisco CA USA Weblog: http://www.macromedia.com/go/blog_jd Aggregator: http://www.macromedia.com/go/weblogs Technotes: http://www.macromedia.com/support/ Spam killed my private email -- public record is best, thanks. ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders
RE: [Flashcoders] Flash security advisories from U.S. Navy/Marines?
Nevermind (unless you happen to know more about what the Navy/Marines are going to do about it - that would be good to know.) I referenced this in my own post: http://www.macromedia.com/devnet/security/security_zone/mpsb05-07.html Jason Merrill | E-Learning Solutions | icfconsulting.com NOTICE: This message is for the designated recipient only and may contain privileged or confidential information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of this e-mail by you is prohibited. ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders
RE: [Flashcoders] Flash security advisories from U.S. Navy/Marines?
Thanks John. I know Macromedia has worked wonders with the NMCI folks before, maybe you can do it again. Jason Merrill | E-Learning Solutions | icfconsulting.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John Dowdell Sent: Friday, December 02, 2005 2:29 PM To: Flashcoders mailing list Subject: Re: [Flashcoders] Flash security advisories from U.S. Navy/Marines? Merrill, Jason wrote: Anyone know anything about this? See the report below. It sounds like they're talking about the security advisory released last month, which is addressed by either (a) on modern operating systems using the current Macromedia Flash Player, 8.0 generation; or (b) on Win95, WinNT, classic Mac or Linux, using the updated 7.x Players. http://www.macromedia.com/devnet/security/security_zone/mpsb05-07.html For what it's worth, I just did a quick Google search, and the SWF I checked were still playing: http://www.google.com/search?q=inurl:mil+macromedia Thanks for the heads-up, though, I'll spread the word here. Seems like their normal software update process should do it...? jd NOTICE: This message is for the designated recipient only and may contain privileged or confidential information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of this e-mail by you is prohibited. ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders
Re: [Flashcoders] Flash security advisories from U.S. Navy/Marines?
Merrill, Jason wrote: Thanks John. I know Macromedia has worked wonders with the NMCI folks before, maybe you can do it again. ... and thanks for the heads-up, Jason, staffers here are already in touch with their .MIL contacts to resolve it ;-) jd -- John Dowdell . Macromedia Developer Support . San Francisco CA USA Weblog: http://www.macromedia.com/go/blog_jd Aggregator: http://www.macromedia.com/go/weblogs Technotes: http://www.macromedia.com/support/ Spam killed my private email -- public record is best, thanks. ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders
RE: [Flashcoders] Flash security advisories from U.S. Navy/Marines?
Fantastic John. I know from my Flex sales rep (Matt Troedson), they are using Flex in a few places in the Navy already... should be resolvable I would think. Jason Merrill | E-Learning Solutions | icfconsulting.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John Dowdell Sent: Friday, December 02, 2005 3:39 PM To: Flashcoders mailing list Subject: Re: [Flashcoders] Flash security advisories from U.S. Navy/Marines? Merrill, Jason wrote: Thanks John. I know Macromedia has worked wonders with the NMCI folks before, maybe you can do it again. ... and thanks for the heads-up, Jason, staffers here are already in touch with their .MIL contacts to resolve it ;-) jd NOTICE: This message is for the designated recipient only and may contain privileged or confidential information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of this e-mail by you is prohibited. ___ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders