Page 1 of 2 12 LastLast
Results 1 to 25 of 27
Like Tree3Likes
  1. Sonic77's Avatar
    CrackBerry Abuser

    Posts
    379 Posts
    Global Posts
    428 Global Posts
    Thread AuthorThread Author   #1  

    Default RIM: Disable FLASH due to security issues?

    A lot of people getting clearout playbooks and updating to the current OS 2.0.1.358.

    It appears with that OS version,
    RIM has been recommending since 8/2 to disable Flash, and no update is available?

    KB31675-UPDATED BSRT-2012-003 Vulnerabilities in Adobe Flash Player version included with the BlackBerry PlayBook tablet software

    "
    For users that were unable to update to BlackBerry PlayBook software version 2.0.1.668, RIM strongly recommends completing the following workaround instructions to fully protect the BlackBerry PlayBook tablet against the vulnerabilities in this advisory.

    This risk can only be mitigated by temporarily disabling all Adobe Flash content in the browser on the BlackBerry PlayBook tablet (in the browser, tap Options > Content, and set Enable Flash to Off).
    "
    Last edited by Sonic77; 09-09-2012 at 07:12 PM.
    Thanked by 2:
    Anna Key (09-11-2012),  twstd.reality (09-09-2012) 
  2. BB_Bmore's Avatar
    CrackBerry Genius

    Posts
    3,844 Posts
    Global Posts
    3,856 Global Posts
    PIN
    excepting applications
    #2  

    Default

    In on 2.1.0.840.....no worries here
    I waited...It launched...Im still waiting...
  3. howarmat's Avatar

    Posts
    22,817 Posts
    Global Posts
    23,375 Global Posts
    PIN
    24DA0A39
    #3  

    Default

    upgrade to the beta or disable flash. 2 easiest option right now. updating to the beta is easiest and really doesnt have any dealbreakers. Just as buggy as OS 2 is really
    ~Matt
    Nexus 5, Z10 LE, White Lumia 521, 32GB Nook HD+ & 16GB PB, 32 GB Dell Venue 8 Pro
    @howarmat
    diegonei likes this.
  4. taz323's Avatar
    CrackBerry Addict

    Posts
    727 Posts
    Global Posts
    5,863 Global Posts
    #4  

    Default

    So lf you have the. 668, what you should be ok
  5. howarmat's Avatar

    Posts
    22,817 Posts
    Global Posts
    23,375 Global Posts
    PIN
    24DA0A39
    #5  

    Default

    if you were lucky to get 668 you can remain there. There are issues with 668 that might make you want to downgrade though. its up to you
    ~Matt
    Nexus 5, Z10 LE, White Lumia 521, 32GB Nook HD+ & 16GB PB, 32 GB Dell Venue 8 Pro
    @howarmat
  6. taz323's Avatar
    CrackBerry Addict

    Posts
    727 Posts
    Global Posts
    5,863 Global Posts
    #6  

    Default

    So far the only issue I've come across is it gets alittle warmer than normal,was hoping to hold here until 2.1, whenever that might be.
  7. elmit22's Avatar
    CrackBerry Abuser

    Posts
    168 Posts
    Global Posts
    170 Global Posts
    #7  

    Default

    So what were the issues with 668 i installed it in my PB and i have noticed nothing wrong with it ?
  8. howarmat's Avatar

    Posts
    22,817 Posts
    Global Posts
    23,375 Global Posts
    PIN
    24DA0A39
    #8  

    Default

    for some reason it has more battery usage and runs warmer as stated above. Those are the biggest issues.
    ~Matt
    Nexus 5, Z10 LE, White Lumia 521, 32GB Nook HD+ & 16GB PB, 32 GB Dell Venue 8 Pro
    @howarmat
  9. n8tiveg's Avatar
    CrackBerry Abuser

    Posts
    314 Posts
    #9  

    Default

    I was under the impression that they fixed that issue as when. 668 went out even the beta users received a small update like 3mb. That didn't change the build number, so thinking that when. 668 was pulled that update was added to the old build. Though that is speculation on my point.
  10. sagec's Avatar
    CrackBerry Abuser

    Posts
    298 Posts
    #10  

    Default

    This is absolutely unnacceptable for a professional grade tablet.
    Inch by inch, life's a cinch. Yard by yard, it's very hard.
    Thanked by:
    MrNutt (09-11-2012) 
    MrNutt likes this.
  11. Chaddface's Avatar
    CrackBerry Genius

    Posts
    3,508 Posts
    #11  

    Default

    Quote Originally Posted by elmit22 View Post
    So what were the issues with 668 i installed it in my PB and i have noticed nothing wrong with it ?
    If you don't have any problems with .668 then there is no reason to make a change. The majority of users(on this forum) that updated to .668 have had no issues.
  12. melander's Avatar
    CrackBerry Abuser

    Posts
    274 Posts
    #12  

    Default

    The version in 2.0.1.358 is listed as 11.1 r121 when I got to the mozilla plugin checker website.

    What version of Flash does 2.0.1.668 and 2.1 beta have?

    Regarding professional grade tablets and what is acceptable or not, the ONLY tablets that will have upgraded Flash are the Windows based tablets. People thought Adobe really was abandoning flash because it was "loosing" to HTML5. In retrospect, Microsoft is Winning ,
    check!,
    "+=",
    "Adobe_stops_support_of_flash_for_PB_then_Android_ and?!"
  13. Chaddface's Avatar
    CrackBerry Genius

    Posts
    3,508 Posts
    #13  

    Default

    .668 has 11.1.121.42 according to About>OS
  14. melander's Avatar
    CrackBerry Abuser

    Posts
    274 Posts
    #14  

    Default

    Quote Originally Posted by Chaddface View Post
    .668 has 11.1.121.42 according to About>OS
    Thanks for that tip of where to find the complete version.
    11.2.121.38 in the About screen on .358.

    Anybody know what version 2.1 BETA has?
  15. Sonic77's Avatar
    CrackBerry Abuser

    Posts
    379 Posts
    Global Posts
    428 Global Posts
    Thread AuthorThread Author   #15  

    Default

    Quote Originally Posted by sagec View Post
    This is absolutely unnacceptable for a professional grade tablet.
    The setup process forces new users to update to 358 out of the box, and it defaults to having Flash turned on, despite RIM knowing for over a month it has major security issues.

    You'd think at least they would have pushed out a required update that has Flash disabled until a fix is available?
    jpash549 likes this.
  16. bighap's Avatar
    CrackBerry Master

    Posts
    1,419 Posts
    Global Posts
    1,420 Global Posts
    #16  

    Default

    Beta OS 2.1.0.840 has 11.1.121.63
  17. ryacht's Avatar
    CrackBerry Abuser

    Posts
    115 Posts
    #17  

    Default

    Quote Originally Posted by Sonic77 View Post
    The setup process forces new users to update to 358 out of the box, and it defaults to having Flash turned on, despite RIM knowing for over a month it has major security issues.

    You'd think at least they would have pushed out a required update that has Flash disabled until a fix is available?
    Right!!! Bad job of RIM! I expect better.

    Apart from that, is that Flash Vulnerability really harmful on various plattforms? If bad guys want to install malware, it's usually Windows based code, that couldn't run on a playbook. Is this here different?

    Ray
  18. skyrocket9's Avatar
    Banned

    Posts
    1,015 Posts
    Global Posts
    1,023 Global Posts
    #18  

    Default

    I have the 32gb pb, I didn't even check what software it has. Just bought it last week and it downloaded some update. What should I be checking for.

    Sent from my BlackBerry 9900 using Tapatalk
  19. melander's Avatar
    CrackBerry Abuser

    Posts
    274 Posts
    #19  

    Default

    Quote Originally Posted by ryacht View Post
    Right!!! Bad job of RIM! I expect better.

    Apart from that, is that Flash Vulnerability really harmful on various plattforms? If bad guys want to install malware, it's usually Windows based code, that couldn't run on a playbook. Is this here different?

    Ray
    True that RCE (Remote Code Execution) will most likely target Windows systems, but to rely on no specific Playbook threats is security through obscurity. If someone is interested enough, they will code malware to a platform of their liking.

    However, I personally feel safer on a Playbook.

    Adobe lists priority ratings per change log, and in the latest vulnerability they list Windows as priority 1, Macintosh as priority 2, and Linux and Android at priority 3.



    Priority 1 This update resolves vulnerabilities being targeted, or which have a higher risk of being targeted, by exploit(s) in the wild for a given product version and platform. Adobe recommends administrators install the update as soon as possible. (for instance, within 72 hours).

    Priority 2 This update resolves vulnerabilities in a product that has historically been at elevated risk. There are currently no known exploits. Based on previous experience, we do not anticipate exploits are imminent. As a best practice, Adobe recommends administrators install the update soon (for instance, within 30 days).

    Priority 3 This update resolves vulnerabilities in a product that has historically not been a target for attackers. Adobe recommends administrators install the update at their discretion.
    See for priority explanations:
    Adobe - Security severity ratings

    See the latest security bulletin:
    Adobe - Security Bulletins: APSB12-19 - Security updates available for Adobe Flash Player
  20. baggins15's Avatar
    CrackBerry User

    Posts
    28 Posts
    #20  

    Default

    Quote Originally Posted by melander View Post
    Thanks for that tip of where to find the complete version.
    11.2.121.38 in the About screen on .358.

    Anybody know what version 2.1 BETA has?
    11.1.121.63 is what I have on my 2.1.0.840
  21. Rimfun's Avatar
    Banned

    Posts
    18 Posts
    #21  

    Default

    Maybe this is the one thing that RIM should've copied Apple on and stayed away from flash...
  22. pacoman03's Avatar
    CrackBerry Genius

    Posts
    3,114 Posts
    #22  

    Default

    I think some of you are being way too paranoid. What are the odds that anyone is going to target the PB to exploit this supposed vulnerability, and then what are the odds that you will then happen to click on some flash content that is targeted at the PB's vulnerability? Now, as to your Windows based desktop, that's another story.
  23. westronic's Avatar
    CrackBerry User

    Posts
    88 Posts
    Global Posts
    1,079 Global Posts
    #23  

    Default

    Quote Originally Posted by melander View Post
    thanks for that tip of where to find the complete version.
    11.2.121.38 in the about screen on .358.

    Anybody know what version 2.1 beta has?
    11.1.121.63
  24. just_luc's Avatar

    Posts
    3,010 Posts
    Global Posts
    3,059 Global Posts
    PIN
    24BF22A0
    #24  

    Default

    Quote Originally Posted by Sonic77 View Post
    You'd think at least they would have pushed out a required update that has Flash disabled until a fix is available?
    I disagree. For the majority of users the threat is a non issue. Chances of becoming infected are slim, and even if they did most aren't keeping anything that sensitive on their devices.

    Those who are obviously need to be mindful to turn off flash until there is a fix, but for the majority of novice users it's better to leave it on out of the box and maintain that superior browsing experience. Other wise the security efforts which aren't necessary for these users are impacting performance and their general impressions of their new tablet, leading to returns and/or poor reviews and word of mouth.

    Leaving it on is the right thing to do.


    RIM 950 .... Blackberry Z10 (STL100-3 on hybrid OS 10.3.0.140/misc) and everything in between
    + Playbook 32GB
  25. Anna Key's Avatar
    CrackBerry User

    Posts
    41 Posts
    #25  

    Default

    Thank You Sonic77. Had it not been for this forum and your post I'd be none the wiser.
Page 1 of 2 12 LastLast

Posting Permissions