Closed Bug 1263476 Opened 4 years ago Closed 4 years ago

Plugin block request: Flash Player 21.0.0.197, 18.0.0.333, 11.2.202.577 and earlier

Categories

(Toolkit :: Blocklist Policy Requests, defect, critical)



RESOLVED FIXED

People

(Reporter: philipp, Assigned: eviljeff)

Details

(Whiteboard: [plugin])

Plugin name: Adobe Flash Player
Plugin versions to block: 21.0.0.197, 18.0.0.333, 11.2.202.577 and earlier
Applications, versions, and platforms affected: Windows
Block severity: 

How does this plugin appear in about:plugins?
    File: NPSWF32_21_0_0_197.dll/NPSWF64_21_0_0_197.dll
    Version: 21.0.0.197
    Description: Shockwave Flash 21.0 r0

Homepage and other references and contact info: 
https://helpx.adobe.com/security/products/flash-player/apsb16-10.html

Reasons:
According to Kaspersky the zero-day that got fixed hastily last week is already "aggressively distributed in two exploit kits" and used to infect victims with cryptolocker ransomware.
https://threatpost.com/latest-flash-zero-day-being-used-to-push-ransomware/117248/
Assignee: nobody → awilliamson
Andrew, I'm on PTO this week and won't be able to get to this until Tuesday April 19th. If this can't wait till then, maybe you can ping the SV team and see if they can go through the blocklist using the wiki [1]. They can also take a look at an older bug [2] if they need an example.

If this can wait till Tuesday April 19th, I'll handle it :)

[1] https://wiki.mozilla.org/Blocklisting/Testing
[2] https://bugzilla.mozilla.org/show_bug.cgi?id=1235435
I can confirm for p817, but couldn't get a working Linux setup to test this :|

Maybe Matt can continue here?
Flags: needinfo?(mwobensmith)
The second block was supposed to be:
https://addons-dev.allizom.org/en-US/firefox/blocked/p818
I think the SV team is on board to test this in Kamil's absence, as per comment 2.

Florin, do you know who might have the ability to do this?
Flags: needinfo?(mwobensmith) → needinfo?(florin.mezei)
Setting ni? to Andrei so we can get someone on this tomorrow morning.
Flags: needinfo?(florin.mezei) → needinfo?(andrei.vaida)
I've managed to complete the requested testing on the following environments:

Windows 10 x86
--------------
21.0.0.197
File: NPSWF32_21_0_0_197.dll
Path: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_21_0_0_197.dll
Version: 21.0.0.197
State: Enabled (STATE_VULNERABLE_UPDATE_AVAILABLE)
Shockwave Flash 21.0 r0
-> Checked Logging: Blocklist state for Shockwave Flash changed from 0 to 4
-> Correctly being pointed towards: /blocked/p817
-> Ensured you cannot select "always active" under about:addons
-> Build used: 48.0a1 Nightly, buildID 20160412050029.

18.0.0.333
File: NPSWF32_18_0_0_333.dll
Path: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_333.dll
Version: 18.0.0.333
State: Enabled (STATE_VULNERABLE_UPDATE_AVAILABLE)
Shockwave Flash 18.0 r0
-> Checked Logging: Blocklist state for Shockwave Flash changed from 0 to 4
-> Correctly being pointed towards: /blocked/p818
-> Ensured you cannot select "always active" under about:addons
-> Build used: 46.0b10, buildID 20160411042519.

Ubuntu 14.04 x64
----------------
11.2.202.554
File: libflashplayer.so
Path: /usr/lib/mozilla/plugins/libflashplayer.so
Version: 11.2.202.577
State: Enabled (STATE_VULNERABLE_UPDATE_AVAILABLE)
Shockwave Flash 11.2 r202
-> Checked Logging: Blocklist state for Shockwave Flash changed from 0 to 4
-> Correctly being pointed towards: /blocked/p819
-> Ensured you cannot select "always active" under about:addons
-> Build used: 46.0b10, buildID 20160411042519.

Mac OS X 10.10.5
----------------
21.0.0.197
File: Flash Player.plugin
Path: /Library/Internet Plug-Ins/Flash Player.plugin
Version: 21.0.0.197
State: Enabled (STATE_VULNERABLE_UPDATE_AVAILABLE)
Shockwave Flash 21.0 r0
-> Checked Logging: Blocklist state for Shockwave Flash changed from 0 to 4
-> Correctly being pointed towards: /blocked/p817
-> Ensured you cannot select "always active" under about:addons
-> Build used: Fx 45.0.2, buildID 20160407164938.

18.0.0.333
File: Flash Player.plugin
Path: /Library/Internet Plug-Ins/Flash Player.plugin
Version: 18.0.0.333
State: Enabled (STATE_VULNERABLE_UPDATE_AVAILABLE)
Shockwave Flash 18.0 r0
-> Checked Logging: Blocklist state for Shockwave Flash changed from 0 to 4
-> Correctly being pointed towards: /blocked/p818
-> Ensured you cannot select "always active" under about:addons
-> Build used: 48.0a1 Nightly, buildID 20160413030239.
Flags: needinfo?(kjozwiak)
Flags: needinfo?(andrei.vaida)
Blocks are live:

Flash Player Plugin 20.0.0.306 to 21.0.0.197 (click-to-play)
https://addons.mozilla.org/blocked/p1148

Flash Player Plugin 18.0.0.329 to 18.0.0.333 (click-to-play)
https://addons.mozilla.org/blocked/p1149

Flash Player Plugin on Linux 11.2.202.569 to 11.2.202.577 (click-to-play)
https://addons.mozilla.org/blocked/p1150
Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → FIXED
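
Added example, not part of the bug thread and not Mozilla's blocklist code: a small inventory check that reports which of the three live blocks listed above (p1148, p1149, p1150) would cover a given Flash plugin version. It assumes plain numeric dotted-version comparison, that p1150 applies to Linux only and the other two to any platform, and a constructed `host,platform,version` inventory format.

```python
from typing import Optional

# (block id, lowest version, highest version, platform) copied from the
# "Blocks are live" comment. platform=None means "any" (assumption).
LIVE_BLOCKS = [
    ("p1148", "20.0.0.306", "21.0.0.197", None),
    ("p1149", "18.0.0.329", "18.0.0.333", None),
    ("p1150", "11.2.202.569", "11.2.202.577", "linux"),
]

def parse_version(text: str) -> tuple:
    """Turn '21.0.0.197' into (21, 0, 0, 197); short versions are zero-padded."""
    parts = text.strip().split(".")
    if not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {text!r}")
    nums = [int(p) for p in parts]
    return tuple(nums + [0] * (4 - len(nums)))

def matching_block(version: str, platform: str) -> Optional[str]:
    """Return the id of the live block whose inclusive range covers the version."""
    v = parse_version(version)
    for block_id, low, high, block_platform in LIVE_BLOCKS:
        if block_platform not in (None, platform):
            continue
        if parse_version(low) <= v <= parse_version(high):
            return block_id
    return None

# Constructed inventory (host,platform,version); not data from the bug.
SAMPLE_INVENTORY = """\
ws-01,windows,21.0.0.197
ws-02,windows,21.0.0.213
ws-03,windows,20.0.0.306
mac-01,macos,18.0.0.333
lnx-01,linux,11.2.202.577
ws-04,windows,21.0.r0
"""

def audit(inventory: str) -> dict:
    """Map each host to a block id, None (outside these ranges) or 'unparseable'."""
    findings = {}
    for line in inventory.splitlines():
        host, platform, version = (f.strip() for f in line.split(","))
        try:
            findings[host] = matching_block(version, platform.lower())
        except ValueError:
            # Do not silently treat an unreadable version as unaffected.
            findings[host] = "unparseable"
    return findings
```

A `None` result only means the version is outside these three ranges; it says nothing about blocks filed in other bugs.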