Flash is finally, finally dead...
Although the Adobe Flash EOL’s roadmap has been well documented and precise to the day, in traditional Microsoft fashion, the final stake through the heart for Enterprise Flash usage in Windows has been, well, Detail-Soft.
This is the latest from Microsoft on the matter:
In the Summer of 2021 (updated to “July” as of 5/6/2021), all the APIs, group policies, and user interfaces that specifically govern the behavior of Adobe Flash Player will be removed from Microsoft Edge (legacy) and Internet Explorer 11 via the month’s “Cumulative Update” on Windows 10 platforms and via “Cumulative Update for Internet Explorer 11” or “Monthly Rollup.”
In October of 2020, Microsoft released a “Recommended” KB that accomplished what will be mandatory come July - KB4577586: Update for the removal of Adobe Flash Player: October 27, 2020 (microsoft.com)
Not running KB4577586 allowed Flash to continue to be run somewhat securely by utilizing the “Allow List MMS.cfg” option. Being lumped in with a security update will remove Flash from Windows mandatory come July for all intents and purposes. In other words, Flash will no longer be able to be run in a Windows OS.
Although certainly better than the previous “summer of 2021” pronouncement, “July” is still a bit vague for an IT timeline, especially if a mission-critical application could suddenly break in an enterprise environment.
Unlike the clumsy virtualized solutions that are single-use and priced per instance per year, Browsium offers a secure, inline solution for the continued use of Flash invisible to the end-user AND configurable for virtually any Legacy application compatibility issue – today and tomorrow.
Software EOL is not new by any means. Oracle is no longer supporting Java for free, as an example. The difference here is the scorched earth approach from Adobe/Microsoft. Of course, through an Adobe partner, there is a paid virtual solution that requires a custom browser and needs to be purchased for each application on an annual basis.
What you can do next
So what options are there? Rewriting legacy apps and/or retraining is expensive and time-consuming. Waiting for a clear timeline is risky and could result in an expensive interruption.
If you are already an Ion customer, you likely know where this is going. Like our multiple Java version remediation, it is possible to sandbox Flash to the trusted URLs of your choosing – centrally – and invisibly to the end-user.
So, when, I don’t know, let’s say accounting, fires up their computers the morning after the security update and navigates to a legacy app that requires Flash… The application won’t be broken, the user sees nothing new, and everyone gets paid! Sadly, something that doesn’t happen in IT doesn’t get the same recognition as when something (really bad) does. We feel your pain.
If you aren’t currently using Ion, why not?!?
Seriously, with Ion, you can:
? Run Flash without having to isolate a special browser version
? Run multiple versions of flash side-by-side
? Run Flash without Flash being installed
? Run Flash even if it’s actively blocked
? Run Flash versions indefinitely
As always, you know where to find us!
www.browsium.com/flash-end-of-life
Technical Director @ APPtechnology
3 年The movement of the Flash removing KB4577586 from recommended to mandatory in July 2021 is a challenge for some Enterprises. Using APPtechnology expertise and Browsium Software we can securely maintain your users' application experience, while allowing you to keep your browser up to date and Flash off the system.