1.3.3 Ensure 'Default Adobe Flash setting' is set to 'Enabled: Block the Adobe Flash plug-in'

Information

This policy setting determines whether the use of Adobe Flash will be allowed for websites visited inside of Microsoft Edge.

The recommended setting is Enabled: Block the Adobe Flash plug-in

Rationale:

Adobe Flash has many known vulnerabilities which can expose a users machine to several attacks, furthermore Adobe Flash will be discontinued in the future.

Impact:

Websites using Adobe Flash will not operate as expected.

Solution

To establish the recommended configuration via GP, set the following UI path to Enabled: Block the Adobe Flash plugin

Computer Configuration\Policies\Administrative Templates\Microsoft Edge\Content settings\Default Adobe Flash setting

Note: This Group Policy path may not exist by default. It is provided by the Group Policy template MSEdge.admx/adml that can be downloaded from Microsoft here.

Default Value:

Not Configured - But the user can change this setting.

See Also

https://workbench.cisecurity.org/files/3907

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7b., CSCv7|7.2

Plugin: Windows

Control ID: c91bca23b985251da4b516b5d9c02c7134fc3997f3d9e38e97ece79a9f504799