Permission Issue with 32.0.0.255 version kills our program.

Report · Sep 19, 2019

problem on the latest version of player. We are servicing multiple academies in Korea and we are having a problem right now. The latest version of Flash 32.0.0.255 killed the calling of javascript that calls the activex. If we downgrade to 32.0.0.207 it will work. I assume that might be the permission has a problem. If i made the IE run as administrator it will be okay but those application we created that wrap IE on a much lower version does not get the chance to make its right to be elevated as administrtor thus the blocking. So we have no choice but to downgrade and we have a lot of centers right that are complaining. Our activex being called inside the web thru javascript is signed. And i guess it does not need to get elevated permission. Let me know.

Report · Sep 23, 2019

Please try adding the following directive to your mms.cfg:

EnableInsecureActiveXNavigateToURL=1

The System Administrator's guide has details on how to deploy mms.cfg:

https://www.adobe.com/content/dam/acom/en/devnet/flashplayer/articles/flash_player_admin_guide/pdf/l...

Report · Sep 30, 2019

There is no entry in the Adobe System Admin Guide listing "EnableInsecureActiveXNavigatetoURL" for MMS.CFG. What does this setting do, specifically? Based on the latest Adobe Dcocumentation, there is only one other setting that bears any similarity: EnableInsecureActiveXXMHTMLSupport, and the documentation recommends not enabling that setting, as it would make Flash Player vulnerabile.

Report · Oct 17, 2019

It should be on page 47 of the link above. But yeah, you're making a request that we're not going to allow moving forward. You'll need to update your content. In the meantime, you can deploy the flag as a workaround. The goal should be to modify your application and wean yourself off the flag, but it's there to provide immediate pain relief.

Report · Sep 30, 2019

I can reproduce this with Flash player 32.0.0.255 32bits version for IE but not with the 64 bits version neither the peperflash 32 bits version. Settting EnableInsecureActiveXNavigateToURL=1 in mms.cfg file is a workaround. But I can't find any information about this parameter.

Report · Sep 30, 2019

It seem that there is an other workaround using ExternalInterface and javascript function window.open: ExternalInterface.call("window.open", url, window);

Report · Oct 17, 2019

I am curious because I have heard many academic places are still using Flash. What is your strategy for the end-of-life of Flash in 2020?

Adobe Community

Permission Issue with 32.0.0.255 version kills our program.