Menu
CCMEXEC.COM – Enterprise Mobility
  • Home
  • General
  • Configuration Manager
  • Windows 10
  • Intune
  • GitHub
  • Windows 11
  • About the author
CCMEXEC.COM – Enterprise Mobility

Turn off Flash in both Edge and IE in Windows 10

Posted on November 9, 2015August 24, 2017 by Jörgen Nilsson

In Windows 10 there are built-in support for Flash in both Internet Explorer 11 and Microsoft Edge but that doesn’t mean that you should use it! Even if that makes updating the Flash plugin much easier as it is done using Microsoft Update/WSUS/Configuration Manager it is still very many 0-Day vulnerabilities and security issues in Flash. In most organisations there are no LOB application or other productivity tools that use Flash. So why are you using Flash in your organisation? to be able to consume commercial AD’s on the Internet? Play games?

I know there are users/system that need require it, but disabling it on those systems that doesn’t need it is a good idea! Found this picture on Twitter somewhere and i visualizes it well I think! 😉

FLash
So the next thing would be disabling Flash, for Internet Explorer it is easy there are a group policy that we can do it with a Group Policy as displayed below.

DisableFlashIE

In Microsoft Edge on the other hand that is more of a challenge, there are no Group Policy to disable Flash with. We can solve this by using Group Policy Preferences.

1. Create a new Group Policy Preference setting in the User part of the GPO as it is a user setting in Edge.

2.The following key is the one that should be created:

[HKEY_CURRENT_USER\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Addons]
“FlashPlayerEnabled”=dword:00000000

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Addons]

“FlashPlayerEnabled”=dword:00000000

3. Add a registry entry in the GPP, I did it using the “Update” action if a handy user enables it again it will be disabled when the GPP are applied the next time.
DisableFlashEdge_GPP

4.  The result will look something like this.

DisableFlashEdgeSo when you start designing/testing/piloting Windows 10 in your organisation, why not do it without Flash enabled?!

There are now better time to make a change like this as when you roll out a new Operating System, so your next big opportunity to do this will be with the release of… Wait that are no new Operating Systems versions coming only Windows 10!

  • Disable Flash
  • GPP
  • Group Policy
  • Group Policy Preference
  • 3 thoughts on “Turn off Flash in both Edge and IE in Windows 10”

    1. Pingback: Windows 10 – Arrêter Flash dans Microsoft Edge et IE |
    2. Andrew Blackburn says:
      July 26, 2017 at 6:00 am

      Just wanted to follow up this article with an update in the comments because its the #1 result for “Disable Edge GPO” on Google. I work at a school and this is what I’ve put together for blocking Flash outright on machines. Microsoft has made the GPP workaround above obsolete by releasing real GPO management options for Edge:

      Disable Flash on client computers:

      CHROME:
      (Requires Chrome ADMX template: https://dl.google.com/dl/edgedl/chrome/policy/policy_templates.zip)
      GPO: Administrative Templates > Google > Google Chrome > Content Settings > Default plugins policy > Enabled – dropdown set to “Block all plugins”

      FIREFOX:
      Uninstall Adobe Flash from system (NPAPI and PPAPI – just for safe measure)

      IE:
      GPO: Administrative Templates > Windows Components > Internet Explorer > Security Features > Add-on Management > “Turn off Adobe Flash in Internet Explorer and prevent applications from using Internet Explorer technology to instantiate Flash objects” set to “Enabled”

      EDGE:
      (Requires ADMX template for Windows 10 build 1703: https://www.microsoft.com/en-us/download/details.aspx?id=55080)
      GPO: Administrative Templates > Windows Components > Microsoft Edge > “Allow Adobe Flash” set to “Disabled”

      Stand alone player (included with Adobe Animate CC / Adobe Flash Professional):
      (Block using AppLocker or SRP)
      Publisher: O=ADOBE SYSTEMS INCORPORATED, L=SAN JOSE, S=CALIFORNIA, C=US
      Product Name: SHOCKWAVE FLASH
      File Name: SAFLASHPLAYER.EXE
      File version: *

      Reply
    3. Michael Tobisch says:
      December 6, 2017 at 5:00 pm

      Thanks for that article. My question is: Is there a way to allow Flash for specific sites and turn it off for all others (say a kind of exception list)?

      Reply

    Leave a Reply Cancel reply

    Your email address will not be published. Required fields are marked *

    This site uses Akismet to reduce spam. Learn how your comment data is processed.

    My name is Jörgen Nilsson and I work as a Senior Consultant at Onevinn in Malmö, Sweden. This is my blog where I will share tips and stuff for my own and everyone elses use on Enterprise Mobility and Windows related topics.
    All code is provided "AS-IS" with no warranties.

    Recent Posts

    • PowerShell script to keep Personal Teams away in Windows 11
    • Windows 11 Multi-App kiosk – a first look
    • Playing around with Driver Updates in Intune
    • MMUGSE – Summer Meetup 8th of June 2023
    • PS Script to Update Boot images with CU-CVE-2023-24932

    ©2023 CCMEXEC.COM – Enterprise Mobility | WordPress Theme by Superb Themes
    This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish.Accept Reject Read More
    Privacy & Cookies Policy

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
    Non-necessary
    Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
    SAVE & ACCEPT