Locked

Latest Adobe Flash 32.0.0.171 Broke flash in Chrome in our Win10 VDI deployment

Community Beginner ,
Apr 10, 2019 Apr 10, 2019

Copy link to clipboard

Copied

Our organization is running a non-persistent windows 10 1703 VDI with Chrome v73 and all has been flawless up until yesterday when Adobe released flash 32.0.0.171.  It essentially broke every single flash website.  Flash will not load at all it just shows the puzzle piece icon and if you right click and then click "Run Plugin" nothing happens.  We had to open our image and manually install flash 32.0.0.156 (previous version) for Chrome and then disable the component updates in chrome via GPO to block flash from auto updating.  This is obviously not a long term solution as Chrome will eventually block Flash from running at all if we get too far behind on the versions but I'd like to know what can be done to troubleshoot / fix this.

Views

1.2K

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines

correct answers 1 Correct Answer

Community Beginner , Apr 16, 2019 Apr 16, 2019
We just confirmed that Adobe did indeed change the certificate that is included in the pepflashplayer.dll file.  We have a piece of security software that monitor's DLL file's for changes.  We had to approve the updated cert included in the pepflashplayer.dll file and that resolved our issue.

Likes

Translate

Translate
Adobe Employee ,
Apr 15, 2019 Apr 15, 2019

Copy link to clipboard

Copied

This is the only report I've seen of this issue.  if your organization has a support agreement with Adobe, I'd recommend reaching out to your named support rep to see if someone can help debug on a representative system.

Chrome and Flash tend to release simultaneously.  You might have some luck narrowing down the problem with the Chromium bisection tool (or at least eliminate Chrome as a potential source of the issue).  bisect-builds.py - The Chromium Projects

When I see Flash refuse to run in a specific enterprise environment, I usually think that someone got overly enthusiastic when locking things down with custom GPOs, but most enterprise admins don't like to share details about their custom security configurations, which makes it hard for folks like me to spot patterns in "too-strict" configurations.


All I can recommend is to take a good look through your logs, and if you can't find a working configuration with bisect-builds (e.g. Chrome versions that pre-date April 9th don't work anymore), then I'd start looking at what else changed in your environment.

If you figured this out already, I'd be curious to know what you learned.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Beginner ,
Apr 16, 2019 Apr 16, 2019

Copy link to clipboard

Copied

You're suggesting something changed in our image the exact same day that Adobe released a flash update for Chrome which isn't the case.  This is a non-persistent VDI which means everything is controlled in the gold image, except the "Chrome components" flash included.  That gets updated on-demand as it should.  We've had all of these same settings set for the 2 years we've been running this VDI and have never had this issue.  We are running Chrome v73 and have been since Google released it with no issues... until Adobe released flash .171 on 4/9.  What's more reasonable and likely is that Adobe changed something in .171 which is causing this issue for us.  As usual Adobe's release notes don't state anything other than "Bug and security fixes" which isn't helpful.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Beginner ,
Apr 16, 2019 Apr 16, 2019

Copy link to clipboard

Copied

LATEST

We just confirmed that Adobe did indeed change the certificate that is included in the pepflashplayer.dll file.  We have a piece of security software that monitor's DLL file's for changes.  We had to approve the updated cert included in the pepflashplayer.dll file and that resolved our issue.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines