Yesterday Microsoft issued KB3087040 to address a security vulnerability in Adobe Flash Player that is used on several versions of Windows, Internet Explorer 10/11 and on Microsoft Edge.
While it is great the patch is out users across social media are reporting that the update is failing to install with an error code of 0x80004005.
I can confirm that on all of my Windows 10 systems any attempt to install KB3087040 is failing with this code.
On my Windows RT 8.1 systems this security update installs without any issues.
In order to get around the failed Windows Update install of KB3087040 you can download and install this update as a standalone file using the following links. Just insure you select the file that matches your operating system and architecture (32/64 bit).
- Update for Internet Explorer Flash Player for Windows 8.1 (KB3087040)
- Update for Internet Explorer Flash Player for Windows 8.1 x64-based systems (KB3087040)
- Update for Internet Explorer Flash Player for Windows 8 (KB3087040)
- Update for Internet Explorer Flash Player for Windows 8 x64-based systems (KB3087040)
- Update for Internet Explorer Flash Player for Windows Server 2012 (KB3087040)
- Update for Internet Explorer Flash Player for Windows Server 2012 R2 (KB3087040)
- Update for Flash Player on Windows 10 (x86) (KB3087040)
- Update for Flash Player on Windows 10 (x64) (KB3087040)
The KB3087040 article has full details on how to deploy this security update across your networks.
Here are details of the attack vector with this vulnerability:
In a web-based attack scenario where the user is using Internet Explorer for the desktop, an attacker could host a specially crafted website that is designed to exploit any of these vulnerabilities through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit any of these vulnerabilities. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by clicking a link in an email message or in an Instant Messenger message that takes users to the attacker's website, or by opening an attachment sent through email.
In a web-based attack scenario where the user is using Internet Explorer in the Windows 8-style UI, an attacker would first need to compromise a website already listed in the Compatibility View (CV) list. An attacker could then host a website that contains specially crafted Flash content designed to exploit any of these vulnerabilities through Internet Explorer and then convince a user to view the website. An attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by clicking a link in an email message or in an Instant Messenger message that takes users to the attacker's website, or by opening an attachment sent through email.
Let us know if you are seeing the same errors on your systems.
Source: Microsoft TechNet and KB3087040
