Windows Server 2012 R2 and Adobe Flash
My vulnerability scanner keeps screaming that one of my Server 2012 R2 Standard servers is running a vulnerable version of Flash, which I can't find. The server has all the latest Windows Updates and I have uninstalled the User Experience feature and rebooted and rescanned, don't know what else to try on this one.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Maclean
Check windows updates for Flash KB's. Flash updates for Edge on Win8/10/2012 are done through Windows Updates (Or download on the Update Catalog)
Why not just update flash on the adobe site. There's a version for is/edge and one for chrome and Firefox
ASKER
I can't install from the flash site manually because it won't install because it's embedded in server 2012r2 when you enable the desktop experience. I ran windows updates and it shows I'm up to date I searched the Microsoft catalog for the lasted adobe flash update kb4034662 and it's already installed. Don't no what else to try on here.
I reviewed the revision number for KB4034662, which is identical to the most current version from Adobe (Version 26.0.0.151)
Does your security scan show which version it is referring to perhaps? I wonder if the deployment installed, but is failing to work.
If so the only error I am aware of is when your event viewer has Event ID 1001 logged. If so, run sfc /scannow and when done review the c:\windows\system32\cbs\cb
(Might be easier skipping the scan and browsing to c:\windows\system32 and check that the folders Macromed\Flash exist. (e.g. c:\windows\system32\Macromed\Flash) If not, uninstall the KB, manually create the folders, and re-run the update.
If none apply then again review the security warning, it usually tells you which Flash version it detected.
Does your security scan show which version it is referring to perhaps? I wonder if the deployment installed, but is failing to work.
If so the only error I am aware of is when your event viewer has Event ID 1001 logged. If so, run sfc /scannow and when done review the c:\windows\system32\cbs\cb
(Might be easier skipping the scan and browsing to c:\windows\system32 and check that the folders Macromed\Flash exist. (e.g. c:\windows\system32\Macromed\Flash) If not, uninstall the KB, manually create the folders, and re-run the update.
If none apply then again review the security warning, it usually tells you which Flash version it detected.
Is it possible that your security scanner it looking for a flawed update on Windows 2012 R2?
https://forums.adobe.com/thread/1926060
https://forums.adobe.com/thread/1926060
ASKER
The server is also a vcenter server, I think it may be related to that, I'm still looking into that
Can you please post what version of Adobe is running on the server. Please see the following link on how to check this: http://renshollanders.nl/2016/10/check-adobe-flash-version-internet-explorer-active-x-on-server-20122016-and-windows-8-110/
I have not check this myself but wondering if Windows 2012 R2 has 32 and 64bit versions of Adobe Flash and if so are they the same version on your server
I have not check this myself but wondering if Windows 2012 R2 has 32 and 64bit versions of Adobe Flash and if so are they the same version on your server
ASKER
I called the vendor and got them involved, turns out there was one file that was buried that I had to manually remove to clear the finding. The vendor had to turn on debugging for me to see the exact location of the file, thanks for the help.