Reading some of the Flash EOL documentation, it implies that Flash will stop working after the EOL date, even if you are running an older browser version (ex FireFox 69)? I understand that new browsers will not support it but just like needing an older version of Java, can you run an older browser (and Flash version) and still use flash?
Expect Flash to time bomb and stop working. Older versions of Flash are no longer legally available. Adobe are determined to close it down, I would say.
For security reasons, the use of old browsers and plugins are highly discouraged. If you go down that rabbit hole, you should unplug from the Internet.
Eventually modern operating systems will stop supporting older apps so at best it's a short term solution. The alternative is to run a 2nd computer or virtual machine with an older OS that a) never connects to the Internet and b) never receives upgrades.
While I apprecaite the reply, I have circumstances beyond my control that require me to continue using Flash. I'm well aware of the typical warnings regarding security, older browsers, and flash.
What I was looking for was validation that if I create an admin jump box that has Firefox 69 and Adobe Flash (with updating disabled) will it continue to work into late 2021? This box will not be used for internet browsing or checking emails.
Your circumstances may be beyond your control, and you have my sympathy, but what you are looking for "assurance of a way to keep it working" isn't going to happen. Unless you are a large company ready to sign a contract for future usage with Harman, assume it will go away, and simple attempts to find loopholes won't succeed. Don't build any future plans on such attempts.
Maybe it will, maybe it won't.
That's the only assurance I can make.
You can do this. You'll need to build out and test a frozen environment that meets your requirements. You can test it by using a current Flash Player build and setting the date on the system forward to something like Feb 1 2021.
You'll want to check out the Enterprise Enablement section of the Flash Player System Administrator's guide:
There's a number of things that we're doing to protect the broad population of users as Flash reaches EOL. The admin guide describes what's happening and how to manage those settings via the mms.cfg file.
When Flash Player reaches EOL, the EnableAllowList directive will change from being disabled by default to enabled by default. With EnableAllowList=1 set, you can configure Flash Player to only load content from URIs that match defined patterns. If you're using Flash Player to access a particular administrative UI and that's all you need, you should set EnableAllowList=1 and the appropriate AllowListPattern directive. There are some additional options that make it easy to discover what's being blocked and tune those patterns appropriately.
Limiting the content that Flash Player will load to just the administrative UI that you need drastically minimizes your attack surface, while allowing you to continue using legacy tools until you can migrate.
The big caveat is that since most major browsers will be removing plug-in support entirely after Flash Player reaches EOL, you're going to need to freeze a combination of the OS, Flash Player and your web browser of choice.
Depending on what I was doing, if it were me, I'd probably use a virtualization solution like Citrix to expose that admin UI as a legacy application, and an ephemeral machine instance to ensure that my admin sessions always launch from a known-good state, and are as locked down as humanly possible.