SVM is showing Flash as the #1 end-of-life install in the dashboard.
c:\windows\system32\macromed\flash\flash.ocx
c:\windows\systemwow64\macromed\flash\flash.ocx
I have installed KB4577586 to remove flash player from Microsoft. We have also patched several times, so I'm pretty sure we have the latest patches from Microsoft.
We also removed "flash for IE/activex" years ago.
I have googled and I can't figure out why these are showing up. If I do a deep search, I find them in the SXS folders as well, so are these just symbolic links? If so why does the console think they are a problem?
This could be an issue of Zombie files been detected by SVM. Zombie files are files that were left behind after removing or applying a product/patch. Software Vulnerability Manager will pick up these files since these are listed in the Software Vulnerability Manager file signature as related to an Insecure or End-Of-Life product.
Select the Hide Zombie Files check box to ensure that zombie files will not be included in any scan results. With the Hide Zombie Files setting enabled, only the highest version of the discovered product will be displayed in the scan results. To activate the Hide Zombie Files setting, please go to configuration > settings, and then a new scan is needed to change the scan results.
