I have a sonicwall appliance that uses flash, you cannot use the appliance now because flash will not RUN!!! so a $10,000 appliance is JUNK! because adobe killed flash.. all i get is this big
that will not allow me to run my expensive product , so now what?
You should ask someone at SonicWall if they have an update for whatever applicance you are using. I'm sure they are well aware that their equipment would stop working if they don't intend to update it. Maybe ask the user community here:
It's a bit ridiculous that I can't use it because Adobe coded flash to stop working altogether. I get you dont want to support it, I get you not going to make any new versions, but to force my production product to stop working is unacceptable
Copy link to clipboard
Surely, this came as no surprise to anyone. The planned Flash Player EOL was widely publicized 3-1/2 years ahead giving programmers more than ample time to prepare for it.
Pre-Announcement from 2017
Flash EOL for Enterprises
Flash EOL FAQ
I knew EOL was coming but not that your device would fail to function.
1. I don't work for Adobe. I'm a product user like you.
2. SonicWall knew about the EOL. So it's incumbent upon them to fix the problem. Adobe cannot fix this for them, nor should they.
and yes i have already reached out to sonicwall
A couple things:
You can learn more about the Enterprise Enablement features and the options available for your organization (including licensing a maintained version of Flash Player from our support partner HARMAN, here):
You can read more about the Enteprise Enablement features in the admin guide, here:
Hope that helps!
I am not sure what you mean about freeze, I have tried attempted the override, and its not working, i still get the big Fi icon, clearly I am not doing something right, but the instructions are not writing in leymans terms, and not easy to follow or even understand.
below is what i have at my MMS.CFG uner the windows\syswow64 file path.
if i copy this mms.cfg to the users/appdata/local/google/chrome/userdata/pepperflash
and when i use chrome (as suggested by sonicwall) i get the message that adobe flash player was blocked because its out of date ( udpate plugin) or (Run this time) <<< which is what i should get yes?
anyhow when i click RUN THIS TIME ,
the screen is blank.. nothing, nada..
# duplicate actionscript console output
# Enable the AllowList feature
# Normally, the allow list blocks URL requests
# unless the url matches a pattern in the list.
# In preview mode, all requests go unblocked,
# but console output is written for each request
# indicating which pattern it matched or that
# no match was found..
TraceOutputEcho = 1
You have mms.cfg in the wrong spot for Chrome (correct details are in the admin guide under the mms.cfg section). Also, Chrome 88 has already shipped, which dropped support for all browser plug-ins, including Flash.
Doing this in Chrome is painful, especially if you use multiple Chrome profiles. Each one has it's own Flash data folder and needs it's own mms.cfg.
I'd recommend using Firefox ESR (extended support release) which will buy you a few more months. The latest generally available Firefox update has also dropped support for browser plug-ins.
At that point, you can put mms.cfg in the right spot (C:\Windows\System32\Macromed\Flash\mms.cfg and/or C:\Windows\SysWOW64\Macromed\Flash\mms.cfg)
If you're not seeing logs in the console at that point, you've got mms.cfg in the wrong spot. I noticed the other day that regardless of being 32 or 64-bit, Firefox seems to always look in SysWOW64 (the 32-bit location), which is some weird quirk of their 64-bit sandbox. I'd start with putting mms.cfg there, just so you're working with one config file and not risking getting confused by having two different files that might not be synced.
Also, by "freeze", I mean build a machine that has an old Flash and an old browser, and never gets updated. There are plenty of ways to accomplish this (dedicated/air-gapped computer that only talks to the appliance, VMWare/VirtualBox, etc), but whatever route you choose, you should never use it to actually browse the web (and ideally, actively ensure that it can't).
Also, 443 is the standard port for HTTPS, so you don't need to specify it. I'm not sure it would hurt, but this is simpler and less likely to trip you up.
This was easier to do before Jan 12th, because you could put it in preview mode and just log everything that "might" get blocked, but that's not really an option at this point. You could try changing the system clock, but HTTPS cares about the date, so that may or may not cause other weird failures. I'd just leave everything as-is and keep iterating until I have a complete set of rules.