Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Windows Server 2012 R2 and Adobe Flash

Posted on 2017-08-16
9
Medium Priority
?
92 Views
Last Modified: 2017-09-08
My vulnerability scanner keeps screaming that one of my Server 2012 R2 Standard servers is running a vulnerable version of Flash, which I can't find.  The server has all the latest Windows Updates and I have uninstalled the User Experience feature and rebooted and rescanned, don't know what else to try on this one.
0
Comment
Question by:bsjj2727
  • 3
  • 2
  • 2
  • +2
9 Comments
 
LVL 37

Accepted Solution

by:
bbao earned 2000 total points
ID: 42258067
> My vulnerability scanner keeps screaming that one of my Server ... is running a vulnerable version of Flash

i guess you the scanner does have a log showing what have found and from where? just please check the scanner's options first.
0
 
LVL 11

Expert Comment

by:Maclean
ID: 42258073
Check windows updates for Flash KB's. Flash updates for Edge on Win8/10/2012 are done through Windows Updates (Or download on the Update Catalog)
0
 
LVL 7

Expert Comment

by:Network Zero
ID: 42258161
Why not just update flash on the adobe site.  There's  a version for is/edge and one for  chrome and Firefox
0
NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

 

Author Comment

by:bsjj2727
ID: 42258634
I can't install from the flash site manually because it won't install because it's embedded in server 2012r2 when you enable the desktop experience. I ran windows updates and it shows I'm up to date I searched the Microsoft catalog for the lasted adobe flash update kb4034662 and it's already installed. Don't no what else to try on here.
0
 
LVL 11

Expert Comment

by:Maclean
ID: 42259437
I reviewed the revision number for KB4034662, which is identical to the most current version from Adobe (Version 26.0.0.151)

Does your security scan show which version it is referring to perhaps? I wonder if the deployment installed, but is failing to work.
If so the only error I am aware of is when your event viewer has Event ID 1001 logged. If so, run sfc /scannow and when done review the c:\windows\system32\cbs\cbs.log file, search for "flash" I wonder if it might refer to error code 8007010b.
(Might be easier skipping the scan and browsing to c:\windows\system32 and check that the folders Macromed\Flash exist. (e.g. c:\windows\system32\Macromed\Flash) If not, uninstall the KB, manually create the folders, and re-run the update.

If none apply then again review the security warning, it usually tells you which Flash version it detected.
0
 
LVL 20

Expert Comment

by:compdigit44
ID: 42262614
Is it possible that your security scanner it looking for a flawed update on Windows 2012 R2?

https://forums.adobe.com/thread/1926060
0
 

Author Comment

by:bsjj2727
ID: 42262645
The server is also a vcenter server, I think it may be related to that, I'm still looking into that
0
 
LVL 20

Expert Comment

by:compdigit44
ID: 42262678
Can you please post what version of Adobe is running on the server. Please see the following link on how to check this: http://renshollanders.nl/2016/10/check-adobe-flash-version-internet-explorer-active-x-on-server-20122016-and-windows-8-110/

I have not check this myself but wondering if Windows 2012 R2 has 32 and 64bit versions of Adobe Flash and if so are they the same version on your server
0
 

Author Closing Comment

by:bsjj2727
ID: 42287093
I called the vendor and got them involved, turns out there was one file that was buried that I had to manually remove to clear the finding.  The vendor had to turn on debugging for me to see the exact location of the file, thanks for the help.
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Windows Server 2003 introduced persistent Volume Shadow Copies and made 2003 a must-do upgrade.  Since then, it's been a must-implement feature for all servers doing any kind of file sharing.
This article is about my experience upgrading my consulting machine to Windows 10 Version 1709 (The Fall 2017 Creator Update)
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question