Flash application in web browsers after End of Life

how could you end it like that when I am in school flash games were the only things that keep me sane enough to be around people so thanks flash for ruing my life  [rude remarks removed by moderator.]

This is a serious issue for us, as we have some legacy hardware which is configured via flash web UI.  You know, it's more than just web servers that have web interfaces.  We've already had no end of trouble with deprecated SSL algorithms.  Running a dedicated machine is not a workable solution as old versions of the OS and Browser become unavailable. New operating systems no longer run older web browsers.   Old operating system don't work on new hardware.  Old hardware breaks and is difficult to find. We can't ask any of our vendors if they could supply or repair such an old PC because the answer is always no.  I've been down this path quite a few times. thank you.

In a blog post:

https://blogs.windows.com/msedgedev/2020/09/04/update-adobe-flash-end-support/

Microsoft states third-party provided Flash Player versions (like the HARMAN one) will work in IE 11 & in Microsoft Edge IE mode.

Hello, i am from Argentia I found a way to use flash player applications inside electron app in order to run a swf, this app could be installer using electron-builder in windows, mac, or linux.

I already test my application made in electron it running today ok, change my date to 23-01-2021 and is running. but I have to use the version 31 of pepper flash player. This file is inside the installer package, builded by electron-build. Just to avoid version collitions.

Let my know if you need some help i can share my code is very small, is just to run an electron app and open a WindowBrowser. 

This is a workarround, just for a short time, I dont have the propper budget to migrate in this yerar the whole flex application. 

Regards

Thanks a lot for your answers. I agree that migrating to other technology is the optimal solution but it's a big application highly customized and with internal developments based on Flex. Unfortunately we won't end doing this by January 2021. 

So, with this scenario, we are evaluating options. Harman's packaged browser solution sounds like a good one to me, and we'll contact them for getting a trial and pricing. 

Regarding browsers and Flash Player whitelist: if I understood well, even if we put our application URL in whitelist, it won't work in Chrome/Firefox/Edge in January 2021, because these browsers are going to block Flash Player 100% after December 2020. Am I right? 

What about these browser versions and Flash Player whitelist in January 2021? Can you confirm if they would be able to run a Flash application in 2021?

- Old Chrome/Firefox/Edge version + Flash player whitelist, making sure that browsers won't update.

- Non mainstream browser (e.g. one based in Chromium, but not Chrome) + Flash player whitelist.

- We have also tried "translating" our web application to Air Desktop application, but it requires installing Flash Player in order to run. Would this work in January 2021 with/without whitelist? I've also read that Windows will remove Flash Player via Windows Update.

I hope jeromiec83223024 or other Adobe employee/user can answer to all these questions and clarify this topic in order to make a decission. As I said Harman sounds good but depending on the performance and pricing maybe we have to create an isolated environment.

Thanks in advance.

The optimal solution is to migrate to technologies that don't use Flash before the end of the year.

For enterprises that absolutely must run Flash Player beyond the end-of-life date, they can work with our technology partner Harman to license a solution that will meet their needs.  If you absolutely must use Flash Player in your organization after EOL, this is the best option.

You can find more about that program here: https://services.harman.com/partners/adobe

Where that's simply not feasible, the whitelist option allows administrators to reduce the attack surface by restricting Flash Player to only loading content from a whitelist; however, simply setting some whitelist options and walking away is not a great plan (nor is it likely to be sufficient, depending on what browser(s) your company uses). 

There's a whole industry built around running legacy software securely in enterprise environments.  To do it well requires careful thought, engineering and money.  Virtualization solutions for creating isolated, ephemeral desktop environments that expose specific internal applications to modern clients come to mind.  The whitelist options provide some additional tools to engineers trying to solve these types of problems for their specific applications.  They are not a panacea, nor are they a substitute for following the important security best-practice of running current, actively maintained software.  Configured thoughtfully, they may help to reduce the attack surface for enterprises that are simply not able to remove their dependencies on Flash Player in the short term.

The point of Flash Player whitelists, I guess, is that Adobe won't stand in the way of unwise schemes to use out of date or non mainstream browsers to keep running stuff. But you have to go to some effort to show you understand the risks.