Yes,
I really believe Adobe Flash is evil. I've never liked flash, and never will.
So here's what's happening: I use firefox with adblock+ and flashblock. I'm ALWAYS running spybot S&D.
I set the flash to not update, disabled the flash player in IE.
I only use IE on localhost, when programming.

And STILL, that flash update popped up on me this morning on startup. I'm furious at them.
HOW did that happen?! I never catch any viruses or spyware, but still... They actually managed to get their sh*t running on my computer!!!!
It might as well have been a virus or spyware!? They must be using the same techniques spyware makers would use!?
They managed to run their sh*t on MY computer without my permission!? Not only without my permission, but without me noticing...
If that is not spyware-like behaviour, I don't know...
And S&D didn't notice either..!?

And S&D didn't notice either..!?
Well, Adobe Flash Player is legitimate as far as I know. Spybot-Search&Destroy marking it as malicious would be a false positive.

Trust me, there's no need to freak out if you found out Adobe Flash Player was installed accidentally or coincidentally.
You can always uninstall the Flash Player.

Yes,
I really believe Adobe Flash is evil. I've never liked flash, and never will.
So here's what's happening: I use firefox with adblock+ and flashblock. I'm ALWAYS running spybot S&D.
I set the flash to not update, disabled the flash player in IE.
I only use IE on localhost, when programming.

And STILL, that flash update popped up on me this morning on startup. I'm furious at them.
HOW did that happen?! I never catch any viruses or spyware, but still... They actually managed to get their sh*t running on my computer!!!!
It might as well have been a virus or spyware!? They must be using the same techniques spyware makers would use!?
They managed to run their sh*t on MY computer without my permission!? Not only without my permission, but without me noticing...
If that is not spyware-like behaviour, I don't know...
And S&D didn't notice either..!?
I initially missed your statement that you disabled rather than uninstalled Flash from the PC. If Flash is installed, then when you reach a page which contains a Flash animation, most such pages contain an application that checks the current flash version. If it's either not present or out of date, the application will offer the update.

There's nothing at all spyware like in this, since you've consented to running the application by accessing the web site. The update is merely offered, not force installed, so you still have a choice whether the install will occur.

If you don't wish to see this prompt, the simplest thing to do would be to remove Flash completely from your PC. However, it might still be offered since there'd now be no installation of Flash in place. This may be annoying, but it's based on the site having a Flash animation. I'm actually glad to see how aggressively Adobe is offering these updates to older installations, since most of these older versions contain significant numbers of vulnerabilities that can be exploited by malware, so they should be upgraded even if they aren't normally being used.

Bitman

I started having the same problem, a notification that a flash update is available every time I booted up.

I tried installing the update and was told that it would take effect the next time I rebooted. Well the next time, I was notified that the same update was available.

I went to the link that was provided to "turn notifications off". But alas, I still keep receiving the notifications.

Over the weekend I applied some Microsoft security updates to 3 of my other XP machines. Well, 2 of those 3 are now exhibiting the same behavior.

I contacted Adobe support and received a reply to follow the link and turn off the notifications. Well I had told them that I had already done that AND sent them screen prints of what I was doing. Obviously, they don't have a person reading the support request. I would suspect that it is just a scanning filter that looks for key words and sends back a canned response.

I replied to that and I'll see where it goes, but for now... 3 machines all telling me that an update is available, when I have told them I'm not interested. This is probably going to be a finger pointing session between Adobe and Microsoft, each claiming that the other is to blame...

I'll let you know what happens.....

No, Adobe and Microsoft both know exactly what they're doing and why, unfortunately though the update itself just doesn't always work properly.

What most people aren't aware of is that for a significant period of time, Microsoft operating systems were shipped with a version of Flash or had it included in an installation of Internet Explorer 6 SP1 on older systems. This version of course contained many vulnerabilities and few users ever bothered to update it, leaving them vulnerable to attack. In an attempt to fix this the following update was supplied by Microsoft on May 9, 2006.

Microsoft Security Bulletin MS06-020
Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution (913433) (http://www.microsoft.com/technet/security/bulletin/MS06-020.mspx)

The known issues and workaround for that particular update are covered in the following Microsoft Knowledgebase article.

MS06-020: Vulnerabilities in Macromedia Flash Player from Adobe could allow remote code execution (http://support.microsoft.com/kb/913433)

Of course, your particular issue could be due to a later version update, so in this case the best bet would be to use the Adobe troubleshooting procedures instead.

Troubleshoot Adobe Flash Player installation for Windows (http://kb.adobe.com/selfservice/viewContent.do?externalId=tn_19166#internet%20explorer)

In any case, ignoring the update issue simply leaves your PC at risk, since the vulnerabilities in the installed version still exist. If you want them gone you must at least perform the uninstall of the existing Flash Player in the preceeding Adobe document.

Bitman

I agree with you 100% about having flash updated to reduce vulnerabilities... but if you read my post I said, I installed the latest update, and flash continues to inform me that THE SAME update is available.

The problem is not that the update hasn't taken... its that it does not update a system correctly to a) recognize that it has been updated and b) doesn't respond to Adobe's own utility to turn off an annoying notification.

And yes, FYI, I went through that troubleshooting procedure.. to no avail.

Which exact update is it continually offering, you've never stated that or is the message too generic? The known issues section of the 'MS06-020: Vulnerabilities in Macromedia Flash Player from Adobe could allow remote code execution' describes exactly such a scenario for that particular update, though the same issue might exist for later versions.

I assume you mean the Adobe Trouble Shooting procedure, though again you state no particulars. Is it failing to uninstall or claiming to and then still repetatively attempting to update?

Though the original issue mentioned above occured due to a version of Flash being included within Microsoft releases, the core issue with updates is really an Adobe problem. If their updates can't properly detect installations of older versions than they should be re-written to detect and uninstall them first, or an uninstaller provided to do this seperately.

I'd be surprised if you'd find much help directly from Adobe other than online, I doubt they have the manpower for personal support available for a free product. I'd personally look for other forums where these issues are discussed in more depth, since I've heard these complaints many times so I'm sure there are lots of discussions of potential solutions.

Bitman

Yes, but just because it says that the 'patch' is for Adobe Flash, does that mean that it has anything to do with Adobe Flash?

I clicked ok earlier today. Later on in the night I got suspicious. I went to the AdobeFlash.com site... Unless I'm blind, there are no Security Patches to get from there. Now I'm in deep d_od_o, probably(??)

Just my .02 cents.

Oh and one more thing...does President Obama have that internet czar that he was looking to appoint? If it is a virus, we need someone to go after these guys... maybe even send our army after them. They are probably in a different country, and if so, that makes it an international issue.

Never mind. My bad. This does not apply to this incident. :rolleyes:

I went to www.adobeflash.com and got fooled. It is only a pseudo-site.

Going to:
http://www.adobe.com/support/security/bulletins/apsb09-10.html displays:


Security updates available for Adobe Flash Player, Adobe Reader and Acrobat

Release date: July 30, 2009

Last updated: September 9, 2009... so it's probably not a virus.

Instead of installing the Flash Update I would go and do this:

find the full Flash installation kit, download that and install it over the older version. I bet this will fix the notification windows that pops up every time when you restart.

Instead of installing the Flash Update I would go and do this:

find the full Flash installation kit, download that and install it over the older version. I bet this will fix the notification windows that pops up every time when you restart.

Adobe took away the stand alone flash installers more than a few months ago, there are no stand alone installers available to the general public anymore.

In order to get one you have to go through the licensing application and explain to them you are an IT admin. running a network and then they will provide you a link to the stand alone network deployment installers,
then you can update each machine offline with the stand alone .exe

_________

and as for the "fash player" behaves like a virus

for quite some time now Adobe has employed Rootkit technology in all of their "Paid for" Products such as Adobe Acrobat (PDF creator); Adobe Audition (sound recording / editing); Adobe Premier Pro (Video editing suite) etc.
they use Rootkit technology to write specific info to the hard disk on which the program is installed and install a service called AdobeLM.svc which looks for both the HDD serial number calling it directly from the HDD and also locating their hidden info which was written to the disk at install in a location that is not user accessible, if you upgrade or otherwise replace your HDD due to failure or just needing a larger disk then your license becomes invalid and must be reactivated.