MS06-020: Vulnerabilities in Macromedia Flash Player from Adobe could allow remote code execution

Support for Windows XP has ended

Microsoft ended support for Windows XP on April 8, 2014. This change has affected your software updates and security options. Learn what this means for you and how to stay protected.

This article has been archived. It is offered "as is" and will no longer be updated.
Microsoft has released security bulletin MS06-020. The security bulletin contains all the relevant information about the security update for Macromedia Flash Player from Adobe. This includes file manifest information and deployment options. To view the security bulletin, visit one of the following Microsoft Web sites:

Known issues

Consider the following scenario. Users install Flash Player 7 or Flash Player 8 on a computer that previously had a version of Flash Player 6 installed on it. The MS06-020 security update was not installed on that version of Flash Player 6. Users then uninstall Flash Player 7 or Flash Player 8. Thereafter, they will be offered the MS06-020 security update every time that they visit the Windows Update or the Microsoft Update sites. If users enable Automatic Updates, they will also be offered the MS06-020 security update through that mechanism.

In these cases, the MS06-020 security update will not install, and users will receive the following error:
The version of Macromedia Flash you have installed does not match the update you are trying to install.
Windows Update, Microsoft Update, and Automatic Updates will continue to offer the MS06-020 security update.

Note This problem does not occur if users install the MS06-020 security update on a system with Flash Player 6 before they install Flash Player 7 or Flash Player 8.
There are three methods to work around this problem. Any one of these workarounds will prevent Windows Update, Microsoft Update, and Automatic Updates from offering to install the MS06-020 security update. These workarounds are as follows:
  • Visit the Windows Update or Microsoft Update home pages. Locate the MS06-020 security update in the list of updates that are offered. This update will appear as “Security Update for Macromedia Flash 6 (KB913433).” Click the plus sign next to the update, and then click to select the Don’t show me this update again check box.
  • Locate and delete the following files on your computer:
    • Flash.ocx
    • Swflash.ocx
    Note One or both of these files may be installed on your computer. Typically, these files are installed in the %windir%\system32\Macromed folder.
  • Install the latest version of Flash Player. For more information, visit the following Adobe Web site:
Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.

Note This issue does not leave the user’s system in an insecure state where the Flash Player is concerned, even though the security update could not be installed. The security update cannot be installed because the Flash Player files are present, but they are not registered. Because they are not registered, the Flash Player cannot be run. As soon as one of the files are reregistered, the user will resume receiving security updates through the regular channels.
update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE WinNT Win2000

Article ID: 913433 - Last Review: 12/09/2015 04:24:22 - Revision: 4.0

Microsoft Windows XP Home Edition, Microsoft Windows XP Professional

  • kbnosurvey kbarchive kbqfe kbsecurity kbsecbulletin kbsecvulnerability kbwinxppresp2fix kbbug kbfix kbwinserv2003presp1fix kbwin2000presp5fix kbwinnt400presp7fix KB913433