Microsoft Security Advisory for Flash

Microsoft published a security bulletin for Flash 6 which is included in Windows XP. MSKB 979267 recommends removing Flash 6 and installing the latest version of Flash from Adobe.

Maybe its just me, but I think since Microsoft included Flash 6 in the default XP install, shouldn’t they be responsible for patching it? Flash should be part of Microsoft Update.

Fortunately Flash 6 is ancient. I believe a lot of Flash content will prompt you to upgrade to Flash 8 or 9 rather than allow you to use such an old version. Even so, a lot of vulnerable Flash remains.


  1. This install is why e.g. Secunia has to search all of your windows folder to find older/vulnerable flash files, it is not a ‘proper’ flash install. Microsoft should not include such programs with their OS. I can see including device drivers for 3rd party hardware, but including 3rd party runtimes? I’ve installed XP a million times and I’ve never seen that Flash was included.
    MS should issue a remover via windows update. They remove other 3rd party programs — ok, mostly viruses — with their monthly releases.

Comments are closed.