I've read about serious security problems when using a Flash prog , i.e. Adobe Flash.Now, if i disable flash i'm notable towatch any of the vid's widespread available.Reading [url=http://www.computerworld.com/s/article/9140768/Flash_flaw_puts_most_sites_users_at_risk_say_researchers]THIS article[/url] makes me want to disable Flash for sure.Is it possible within Win7 64bit + IE8 , to toggle Flash on/off ??I've searched and found one prog i really don't trust , it's from " flash_melameth_com.htm.Adobe explained that it is NOT possible to patch the Flash player , so is there a solution or a more trustworthy prog around.

Hi ArcticBloom ,i also read that in anoother security forum pointing out to this article,so im worried as well cuz i use adobe flash player for UT and others...even though i applied publisher rules in applocker for adobe app it still makes it vulnerable IMHO...and i really wish that silverlight could become universal and every site that contains flashplayer content as standard could give the option to watch in silverlight or adobe flashplayer,so in that way microsoft could makea good deal$_$ and also have more control over windows add ons and provide security updates in a more precise way,am i wrong?Regards,RR

1) Sure, if Flash would be replaced anytime with Silverlight, some security issues wouldn't appear anymore. More issues would appear concerning Silverlight, then. So what? 2) From my daily experience - working with MSE, IE8 and Windows Firewall combined - I'm not aware of any threats coming from Flash applications. I've checked that with most of the available online scanners and others. Mobile AMD64 3000+, VIA Apollo K8T800 chipset, 1 G RAM, ATIRadeonMobility 9700, 20x DVDRW, C:XPSP3 (55G),D:WIN7 (25G),F:DATA (250G)

Hola SanMartin que tal?Yah i have the same combination as urs and i havent faced much problems as well!!!!configuring windows firewall encryption and traffic heath makes it pretty much safer than if i d use a third party for example!so thanks for the input and id like to leave a question for ya!!!!is a good idea toconfigure flashplayerutil,.exe from windows firewall in outbound rule or it doesnt make any difference ?coz i have IE and other apps that use internet all configured in my windows firewall,configuring an add-on makes it more scoped or that doesnt make any sense?will be expecting replies :DKind regards,RR

Everyone uses flash player. It's a fact of life. I've never heard of anyone dying from it.If you arecarfull what addons you install and avoid hack sites and adult content you should live a long and healthy life.

Hi Mr.Seven,i totally agree with u in some points,but the issue is not only related to malicious sites ,but with action script,a virus could beinserted in the .fla file which is flash extension that could lead any user who deals with forums and other trusted sites to a virus!u may ask me how? a simple avatar like urs could have a virus in it so everyone who visits the threads in which shows up/loads ur avatar could get infected,im not saying that the antivirus wouldnt detect but flash files are harder to be detected and also emails like gmail someone could upload a malicious content and wide spread it!!so its not just by visiting unknown web sites or malicious that could infect pcs but by simple visiting youtube and watching a video with an attachment containing virus!!Regards,RR

The virus from wathching a video does not come from the actual video but comes from a malicious script that is executed when you hit the play button or when you press the close button which does something other than play the video usually downloads a dll. or .exe. Virus comes from installingthings likeaddons or are packed within malicious downloaded executibles but people are alarmed about images and non executible routines which there are mechanisms in email clients to disable these but for what? The public is confused and mislead about maliciuos code and how it is obtained so computer companies can sell thier AV products for a good price.

Hi MrSeven,i know how action script works,i used to be a web designer and also used to do animations in flash which uses action script!!!im not alarmed but im saying someone could exploit this Vul and create something fucked up and screw with some users!!"The public is confused and mislead about maliciuos code and how it is obtained so computer companies can sell thier AV products for a good price."ehehe good call im also aware about the business stuff hehe but we cant just ignore the problem and nor freak out about i know that!!Paranoia Haz me not anymore heheKind regards,RR

Hi Evader,I see your problem but it's really hard to avoid it. Not using Flash - ok, big parts of the web won't work anymore. Configuring rules for Flash - may be worth a try if you know what to do (without repeating part 1). I prefer the 3d way - living with some vulnerabilities and hoping that standard security rules help to block or reduce the possible impact. A bulletproof system is a daydream, anyway.No habr penas ni olvido! S.M.Mobile AMD64 3000+, VIA Apollo K8T800 chipset, 1 G RAM, ATIRadeonMobility 9700, 20x DVDRW, C:XPSP3 (55G),D:WIN7 (25G),F:DATA (250G)

____ spanish. You have to make the decision. Have you encountered a security issue using flsah player? I myself haven't heard much about it being a security risk so the choice is yours -to sacrifice enjoyable content for higher security.

Hello Sanmartin i missed ur reply hehe :D..i triedto scope flahsutil in firewalland indeed i feltit slightly better scoped while watching UT's videos!!"A bulletproof system is a daydream, anyway" yeah i agree but im feeling like superman with my system HONESTLY!!Hi MrSeven,"____ spanish" lol my first language is portugues(BR) but i speak some spanish after studying 2 years and living in US helps a lot cuz at work i had some spanish speakers friends!"You have to make the decision. Have you encountered a security issue using flsah player? I myself haven't heard much about it being a security risk so the choice is yours -to sacrifice enjoyable content for higher security."Honestly rethinking about the topic ,my opinion regarding this Vul is that my system is almost free from that,considering all GPO configured and reg changes and many other stuff i think it shouldnt be a problem,not counting that MSE defenetly should do the rest of the JOB!!also considering i blocked from GPO .exe,.bat,.inf,.reg,.cmd and others extension downloads i should be all set like that!Kind regards,RRPS: No habr penas ni olvido - i know the translation but didnt get whats the real meaning behind it :D,sorry for sounding stupid ^^...will be expecting some explanation

The sentence is from a song of Carlos Gardel: "Mi Buenos Aires querido / cuando yo te vuelva a ver / no habr ms pena ni olvido." In returning to Buenos Aires, all sorrows will be gone but nothing will be forgotten. Mobile AMD64 3000+, VIA Apollo K8T800 chipset, 1 G RAM, ATIRadeonMobility 9700, 20x DVDRW, C:XPSP3 (55G),D:WIN7 (25G),F:DATA (250G)

Hi SanMartin,I get it :>D nice one ^^,thanks for the teachings hehe ,i now have some argentina culture(i got some background knowledge cuz theres a tv show herein cable tv that un argentino makes coments about news and politics ^^ in argentina)Greetings,RR

The solution is to NOT USE IE.The functionality you seek is readily available from either Opera or Firefox (with the NoScript add-in).Chrome may offer some tunability, but I trust the google guys less than microsoft.I use the Firefox with NoScript to selectively choose what web domains I allow scripting (flash, javascript, etc) from.I also use the BetterPrivacy add on to delete the LSOs (flash cookies) that most web site use to track you web browsing.IE isnot very "tunable" by comparison.

Thanks for the input people.No matter what , there will always security issues lurking around when one is connected to the internet.I was just curious about this issue , that's all.Now , i did some searching and found only one utility which can toggle flash on / off on the fly and that's the one in my first post." flash.melameth.com "I've installed this little proggie and tested it for a few days and it works great and it doesn't use any resources.At first i had my doubts about this one , but nowi see no reason not to use it.It is small - just a little icon in the toolbar and it works , even without " security " in mindthis is useful if one wants to speed up page loading.So to everybody who wants to avoid " Flash " i can recommend this one , and in case one wants to see a vid it can be toggled "on" in a split second.

Toggle flash. Not bad. Who can tell me why I can't embed a flash video here in a Technet thread with the HTML editor? It's there when I hit the update button and after submit: gone!Seasons greetings!

ehehehe yeah and im not even worried about this security "risk" im well protected!!"I also use the BetterPrivacy add on to delete the LSOs (flash cookies) that most web site use to track you web browsing."My-Dysplay_name,would u happen to have ever tried or read about IE8? when u run IE in private browsing means no cookies and all temp stuff will be saved/stored in ur temp/pc folders!!if u dun want to run add-ons u can also click on manage add-ons and disable flash player thats all..IE8 with reg tweaks and GPO is much safe i can assure u!All my best,RRPS: the problem is that IE got stigmatized since IE 6 version the 8 version is a totally different core and its got a whole lotta new features,try it first then comment,and i bet firefox still dun have InPrivate browsing feature!

ok other small and big detail i 4got about IE8 and windows 7 UAC:read this thread: http://social.technet.microsoft.com/Forums/en/w7itprosecurity/thread/9b1c97b2-ab97-44af-af47-9a769776034cRegards,RRPS: almost forgot and thats one more reason for using IE8

i think the issue might have been fixed cuz i received adobe updates for flash player thorugh adobe downloader and referencing to the addressed issue however i decided to download it from adobe's web site to be more certain where im downloading that from...and i still havent found any statement saying that the issue has been fixed in any security articles but if anyone knows anything about plz post it here..Kind regards,RR

http://www.mxlogic.com/securitynews/network-security/latest-flash-security-hole-plugged-says-adobe735.cfm

Thanks Bubbapsguy for posting this.I guess with this new info and patches , thesecurityproblem in the Flash player is solved.A big Thanks ,to all of you .

I am the author of Toggle Flash (http://flash.melameth.com) — and there is no reason not to trust it. All it is is a mechanism for easily disabling and enabling Adobe’s Flash—and it does this in the exact same manner that IE disables or enables Flash. If you don’t want to use Toggle Flash, you can also disable or enable Flash in IE natively—just click Tools, Manage Add-ons, click Shockwave Flash Object and then click Disable or Enable. As for someone’s comment on Flash’s security “problem” being solved, a vulnerability in Flash is found nearly every other week—so I highly recommend people browse with Flash disabled. Toggle Flash has been downloaded over 200,000 times—and is a recommended workaround for Flash security vulnerabilities by numerous security companies (for examples see http://www.securityfocus.com/archive/1/49A43D67.3080609@idefense.com, http://www.foregroundsecurity.com/flash-origin-policy-issues.html and http://www.mycert.org.my/en/services/advisories/mycert/2009/main/detail/646/index.html). Happy Holidays.