02, 2008 6:57 PM
To: funsec@linuxbox.org
Subject: Re: [funsec] XP SP3 Installs Older,Vulnerable Version of Flash
Player
Dave Nelson wrote:
> IIRC Microsoft's reasoning for not shipping SP3 with a newer version
was
> that their license for flash only covered the older version that they
&g
To be honest Jeff, I'm not sure. I haven't installed SP3 on any of my
machines (not even a vm)
Dave
Jeff Kell wrote:
> Dave Nelson wrote:
>
>> IIRC Microsoft's reasoning for not shipping SP3 with a newer version was
>> that their license for flash only covered the older version that they
>>
Dave Nelson
Sent: Monday, June 02, 2008 6:26 PM
To: Paul Ferguson
Cc: funsec@linuxbox.org
Subject: Re: [funsec] XP SP3 Installs Older,Vulnerable Version of Flash
Player
IIRC Microsoft's reasoning for not shipping SP3 with a newer version was
that their license for flash only covered the older ve
Dave Nelson wrote:
> IIRC Microsoft's reasoning for not shipping SP3 with a newer version was
> that their license for flash only covered the older version that they
> include in the update.
Does it reinstall the older ActiveX, the older plugin [e.g., Firefox],
or both?
Jeff
__
IIRC Microsoft's reasoning for not shipping SP3 with a newer version was
that their license for flash only covered the older version that they
include in the update.
Personally I'd have rather seen them not include the file at all if it
wasn't the most recent release, which really wouldn't have
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Yes, you read that correctly:
"It appears that XP service pack 3 installs an older vulnerable
version of the flash player, causing those systems to be vulnerable
to these vulnerabilities."
More:
http://isc.sans.org/diary.html?storyid=4513
Why is thi
