- How to unblock adobe flash player on msp windows 10#
- How to unblock adobe flash player on msp windows#
Even if the user some how executed a flash app, the patched binaries on the Windows machine will still block it from running. So this is wrong, I believe, at least in the scenario I have stated. No, this is not correct given the scenario I outlined, because the browsers will not allows Flash to run, and the user without Admin rights cannot change the restriction settings to allow the IE or Edge to use Flash. I am talking vanilla Windows.Īll it could potentially take is a malicious website a user clicks on that has some insecure flash component, and bad things happen. To be clear, I am specifically talking about the Windows Flash, not NPAPI or PAPI versions. See blow link.* So how could an app be launched and work when the Flash binaries will essentially say No, I am not allowed to work anymore.
Please explain in more detail how without admin access, a user could get a flash app to execute with fully patched Flash, IE and/or Edge? I understand that non-admin does not mean secure, that is a basic concept, but without admin access, please explain how the app can launch with the flash that is installed in Windows because it is up to date, will not execute flash apps, that is the timebomb I am talking about*. So what am I missing in this mental exercise. If a bad actor has admin rights to the machine, well Flash Player is the last thing you should be worrying about. If a bad actor has non-admin access to the machine, I can't imagine they could do anything by exploiting Flash, I mean let's say they have a local flash app located on the machine and launch it from there, the timebomb should still stop flash from opening the flash app. Even if the browser did not block it, because flash is patched and has that timebomb in it, it should not launch any websites flash stuff anyway. How is this a security threat? I am thinking IE and Edge, since being fully patched will not allow access to launch any Flash apps, the browser will block it. And that Flash is fully pathed but not removed. No versions of flash are installed except the Windows/IE one. GPO enforces disabling Flash in browsers.
How to unblock adobe flash player on msp windows 10#
Lets say there is a corporate managed Windows 10 PC. I have read a lot about how you must remove flash or else, but I am not sure how in certain circumstances having latent flash files could be a vulnerability.Īgain, this does not apply to me, but I was wondering how latent flash files can be exploited and considered a vulnerability. But as a person who likes to know why things are a security vulnerability, I have some questions for this group.