none
Flash and ActiveX RRS feed

  • Question

  • hey All, 

    we have 30+ Desktops in a very secure environment due to Gov Regulation.

    they are running Windows 10 1607 Ent.

    we removed Flash Player (or we thought we did) but it seems than no matter what its still there.

    some users have figured out how to open .SWF files by downloading the file locally and open it with IE then hit the "Allow Blocked Content" prompt.

    anyone knows how to disable that Prompt completely?

    thanks.

     

    Wednesday, March 7, 2018 5:52 AM

Answers

  • Hi,

    You can find the CLSID values of other versions of Flash (Adobe, Macromedia, MS Flash Component) from the Tools>Manage Addons>Show all Addons.

    Depending on the migration path of a machine (eg. XP>IE7>Win10), legacy Flash versions may be still installed on some machines.

    Include those CLSID values in your GPO block list.

    Downloading flv from a website usually requires a third-party browser addon, like Flash-get...you should prevent your uses from installing any un-authorized browser addons or extensions.

    To prevent downloads from internet sites, disable "Allow downloads" in your GPO security templates for the Internet Zone. To harden your network, use GPO to disable user access to the Security tab and Advanced tab of Internet Options. (disable "Enable third-party browser extensions", disable "Allow active content to run in files on my computer", disable "Use SSL". etc.

    Regards.


    Rob^_^


    Thursday, March 8, 2018 8:36 PM

All replies

  • Hi,

    You can find the CLSID values of other versions of Flash (Adobe, Macromedia, MS Flash Component) from the Tools>Manage Addons>Show all Addons.

    Depending on the migration path of a machine (eg. XP>IE7>Win10), legacy Flash versions may be still installed on some machines.

    Include those CLSID values in your GPO block list.

    Downloading flv from a website usually requires a third-party browser addon, like Flash-get...you should prevent your uses from installing any un-authorized browser addons or extensions.

    To prevent downloads from internet sites, disable "Allow downloads" in your GPO security templates for the Internet Zone. To harden your network, use GPO to disable user access to the Security tab and Advanced tab of Internet Options. (disable "Enable third-party browser extensions", disable "Allow active content to run in files on my computer", disable "Use SSL". etc.

    Regards.


    Rob^_^


    Thursday, March 8, 2018 8:36 PM
  • thanks Rob, 

    thats what i ended up doing :)

    Sunday, April 15, 2018 12:49 AM