Flash Is Back
Since Adobe no longer supports Flash Player, IT departments have been disabling and uninstalling Flash Player — what are the risks?
Flash Player No Longer Supported
Since Adobe no longer supports Flash Player as of December 31, 2020, IT departments around the world have been disabling and uninstalling Flash Player in preparation for Adobe making the software obsolete.
A search of the National Vulnerability Database (NVD) confirms there has been 1,122 confirmed fixes for Flash Player, with the first published in 2002. Of these vulnerabilities there has been no less than 4 confirmed weaponized exploits, with one causing the loss of over 400GB of confidential data on the dark web.
What are the Risks of Obsolete Software?
One of the major risks of outdated software is a ransomware attack. When software falls from support, future updates which include security updates are stopped which pose a significant risk to companies running that software.
For instance, you are running a legacy application which runs on an older version of Windows 7. This poses two risks – one for the operating system and another for the application. Can you afford to accept this level of risk?
Windows 10 and Flash Player
Windows 10, version 20H2 which was released in September 2020, still includes Adobe Flash Player as part of its feature set.
Robert Brown, Chief Customer Success Officer for Syxsense says, “If you have been uninstalling Flash or disabling the future use of Adobe Flash, you will have to do the same all over again after you have upgraded to the latest Windows 10 Feature Update 20H2 as it comes bundled in. If you wait for 21H1 this year, Adobe Flash will not be available. We urge IT administrators to prepare for a second round of uninstalls if they have not yet deployed their Windows 10 20H2 feature updates.”
How to Uninstall or Disable Adobe Flash
There are two supported methods to uninstall or disable flash:
- Visit the Adobe website and download the supported Adobe Flash uninstaller program AND
- Deploy Microsoft Update KB4577586 to disable any future use of Adobe Flash.
Both uninstalling Adobe Flash and deploying the KB will restrict any possible future installation of Flash (except upgrade of the Feature Update above, of course).
How to Use Syxsense Cortex Jobs
Customers using Syxsense Secure can benefit from using a multi-step action task which performs the Feature Update, uninstalls Flash, and disables future use at the same time.
Here is an example of the Syxsense Cortex job.
Experience the power of Syxsense Cortex, free for 14 days.
Syxsense Cortex is included with Syxsense Secure. Our intuitive technology helps you easily predict and remove security threats where you are most vulnerable — at the endpoint.