1.1.63 Ensure 'Extend Adobe Flash content setting to all content' is set to 'Disabled'

Information

This policy setting allows Adobe Flash content embedded in websites to run.

The recommended state for this setting is Disabled.

Rationale:

Allowing flash plugins or 'hidden' Flash content could open up a user to malicious content and activity. In addition, Adobe Flash will no longer be supported by the manufacturer as of December 31, 2020.

Impact:

Adobe Flash content may be blocked from the end user.

Solution

To establish the recommended configuration via GP, set the following UI path to Disabled

Computer Configuration\Policies\Administrative Templates\Microsoft Edge\Extend Adobe Flash content setting to all content

Note: This Group Policy path may not exist by default. It is provided by the Group Policy template MSEdge.admx/adml that can be downloaded from Microsoft here.

Default Value:

Disabled.

See Also

https://workbench.cisecurity.org/files/3907

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7(5), CSCv7|2.2

Plugin: Windows

Control ID: f0d098097b4cab20d95fc716ee771dbe9f54caa769dece0547b76d5550777948