Jump to content

Recommended Posts

I am using the latest version of KIS 2011 and I face a problem regarding the following vulnerability:

http://www.securelist.com/en/advisories/41065/

Despite the fact that I am using the latest version of Adobe Shockwave 11.5.9.615. KIS keeps on appearing this vulnerability which was first appeared on 25th of August, according to the website. I have tried to uninstall Adobe Shockwave with Revo Uninstaller and then reinstall it but without result. Is there anyone else having the same problem?

Thank you in advance

Share this post


Link to post

where is the vulnerable file being detected? if it isn't in the windows system directories then it is referencing shockwave bundled with one of your applications in the program files directory. as long as the latest version is installed and registered anyway your system will default to that instead and not the older one.

Share this post


Link to post

I followed your advice but without result.

I just noticed that now the vulnerability name changed to 11.5.9 ( http://img190.imageshack.us/i/79959639.jpg/ ). However, when I click on "Details", the advice is still to update to version 11.5.8.612 or later.

KIS recognises that I have the latest version but keeps on appearing the vulenrability. There seems to be a bug.

Edited by novice12

Share this post


Link to post
I followed your advice but without result.

I just noticed that now the vulnerability name changed to 11.5.9 ( http://img190.imageshack.us/i/79959639.jpg/ ). However, when I click on "Details", the advice is still to update to version 11.5.8.612 or later.

KIS recognises that I have the latest version but keeps on appearing the vulenrability. There seems to be a bug.

Just let KIS delete the vulnerable file and and Shockwave will be fine and so will KIS. Just forget about Netscape.

Edited by alan1476

Share this post


Link to post
I followed your advice but without result.

I just noticed that now the vulnerability name changed to 11.5.9 ( http://img190.imageshack.us/i/79959639.jpg/ ). However, when I click on "Details", the advice is still to update to version 11.5.8.612 or later.

KIS recognises that I have the latest version but keeps on appearing the vulenrability. There seems to be a bug.

is that after running another scan? sorry forgot to mention to run scan again. It should clear it however there is a known bug in build 11.0.1.400 where some don't get cleared. It will be fixed in CF2 hopefully or soon after via another patch.

 

as for deleting files and forgetting about netscape, this is not wise if you use firefox or chrome etc which use the netscape (non-IE) plugin files too.

Edited by antikythera

Share this post


Link to post
is that after running another scan? sorry forgot to mention to run scan again. It should clear it however there is a known bug in build 11.0.1.400 where some don't get cleared. It will be fixed in CF2 hopefully or soon after via another patch.

 

as for deleting files and forgetting about netscape, this is not wise if you use firefox or chrome etc which use the netscape (non-IE) plugin files too.

 

I don't know about FireFox as I don't use it, but Chrome advises that the Flash Plugin in integrated with Chrome in their browser installation and I think (but am not sure) that Shockwave may not need to be installed separately. I know I used to have both a Flash Player Active X and a Flash Player Plug-in installed on my system, and now there is only a Flash Player Active X showing in the Add/Remove Programs and one entry for Shockwave.

 

 

 

 

Share this post


Link to post
is that after running another scan? sorry forgot to mention to run scan again. It should clear it however there is a known bug in build 11.0.1.400 where some don't get cleared. It will be fixed in CF2 hopefully or soon after via another patch.

 

as for deleting files and forgetting about netscape, this is not wise if you use firefox or chrome etc which use the netscape (non-IE) plugin files too.

 

That is after running another scan.

I use Internet Explorer 8 and neither Firefox nor chrome. Should I delete the files manually? Or had I better just ignore them?

Edited by novice12

Share this post


Link to post
Thanks!

I have a similar problem with this only I have not downloaded it. I have for some time had great problems with anything Adobe and now have the essential stuff. But am curious why the Shock wave is coming up as it does with my KIS2011 556 (B).

 

Current position is now have Flash Player 10 ActiveX 10.1.102.64, Reader "X" 10.0.0, and AIR 2.5.1.17730 which are working.

 

I tried to download the Shock Wave player and got an instant NO NO (mustard coloured window) from my Kaspersky IS 2011 so didn't download. Any ideas on what this is all about? A friend told me that this was maybe something to do with Norton but as I do not have or have ever had the product on the desktop - how come?

 

Am also wondering because my KIS is throwing report details (x2) that quote Adobe as an extremely criticality (PDF plug in for firefox and netscape). Can I get rid of these reports or the source of them being thrown up? Anyway I suppose this would be better answered in a separate security thread?

 

Share this post


Link to post

Please post screenshot of the download warning, and screenshot of the two vulnerability detections.

 

Post screenshot of Detected > Active threats. With columns widened to show full detected and name and object and path/location details.

 

How to take and post screenshot: PrtSc (Print screen) key (upper right part of keyboard)> open Paint (Start > All programs > Accessories) > Edit > Paste, File > Save as (jpeg or

png, Not bmp). When replying, Browse > click once to select file > Open > Upload > add reply.

Share this post


Link to post

Hi

 

All versions of shockwave tend to leave "old" files behind ....an example of these are dll.ocx type within both adobe folders and system (i1386) folders.

It is recommended prior to updating new shockwave versions, to uninstall all previous versions first, using the vendor's own removal tool.

I have provided a link for the "removal tool" and all updated versions of the player here, so you can decide which version you need depending on the browser you are using.

 

Further help via shockwave FAQ's can be viewed here

 

Hope this helps

:D

Edited by oldyorkie

Share this post


Link to post
Please post screenshot of the download warning, and screenshot of the two vulnerability detections.

 

Post screenshot of Detected > Active threats. With columns widened to show full detected and name and object and path/location details.

 

How to take and post screenshot: PrtSc (Print screen) key (upper right part of keyboard)> open Paint (Start > All programs > Accessories) > Edit > Paste, File > Save as (jpeg or

png, Not bmp). When replying, Browse > click once to select file > Open > Upload > add reply.

Ok rich I'll do that as soon as I can work it out as I am just a novice at this right now and at the moment I have to get to work shortly.

 

In the ordinary report (top "reports" start up panel) there are no detected threats just a growing stack of purple vunerabilities in the bottom chart line. Opening the reports here just gives me a list of what I have done on the day - scans, spam messages, updates etc - no threats.

 

The two vunerabilities that are concerning me I get from the front panel Vunerabilty scan in Tools which when details are opened it states the extreme criticals. These two appear to be the same old ones but increase the list by two each time I boot.

 

So am just getting what is to me confusing & seemingly contradicting information from the two diferent sources.

J)

Share this post


Link to post

×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.