Securing Adobe Flash Player

By , www.winhelp.us. Last modified: 2014-10-31.

How to make Adobe Flash Player settings more secure in Windows XP, Vista, 7, 8 and 8.1

Adobe Flash Player can be used for accessing web cameras and microphones connected to your computer, store cookies, supercookies and data on your computer's hard drive, and even upload content to other users. Therefore it is important to set Adobe Flash Player settings to safest possible - you probably know how often critical security bugs are found in the Flash Player. Smile

Adobe Flash Player is already built into Internet Explorer 10 and 11 in Windows 8 and 8.1.
Google Chrome has a special "pepper" (PPAPI) version of Flash Player and its settings can be changed only at this Macromedia web page. Despite looking a bit different, its settings are pretty much the same as described in this tutorial.

First, please make sure you are running the latest version of Adobe Flash Player by visiting Browser and Plug-in Check page. This is your first step to more secure configuration!

To add a free protection layer from even unpatched security bugs, please read the Microsoft EMET article!

Adobe Flash Player Settings Manager in Windows

In Windows XP, Vista and 7, click Control Panel on the right side of Start menu.
In Windows 8 and 8.1, use keyboard shortcut Windows Key+W to open Settings Search. Type "flash" into Search box and click Flash.
Windows 7 and Vista, Control Panel link on the right side of Start menu Windows XP, Control Panel link on the right side of Start menu Windows 8, Start screen, Settings Search. To configure Adobe Flash Player, type 'flash' into Search box. Then click Flash Player.

In Windows Vista and later, it is best to type "flash" into Control Panel Search box to quickly locate the Adobe Flash Player applet. You can also use Category View to locate it.
Then click Flash Player or Flash Player (32-bit).
Windows 7, Control Panel. To locate Adobe Flash Player configuration utility, type 'flash' into Search box. Then click either Flash Player or Flash Player (32-bit).

In Windows XP, you must switch Control Panel to Classic View first. Do this by clicking the Switch to Classic View link on the left. Then locate and double-click Flash Player.
Windows XP, Control Panel. Click 'Switch to Classic View' link on the left to exit Category View. Windows XP, Control Panel, Classic View. Double-click Flash Player to open Adobe Flash Player configuration applet.

Storage Settings - Flash Player cookies, Supercookies

Flash Player Settings Manager opens in Storage tab. This is the tab related to Flash cookies that many companies (mis)use for tracking users' behavior online. While not all Flash cookies are sneaky, it is best to keep these away. Do this by clicking Block all sites from storing information on this computer.
Please note that this might affect a few online games or video sites - game progresses are not saved or videos do not play (YouTube and other major video sites are not affected by the setting).
Windows, Flash Player Settings Manager, Storage tab. To keep Flash cookies/Supercookies away, click 'Block all sites from storing information on this computer'.

A warning window about deleting all stored cookies appears. Click OK.
Flash Player Settings Manager, Disable Local Storage. Click OK to delete all stored Flash cookies.

You might have to repeat this step if this is the first time you're configuring Flash Player.

Removing all stored Flash Player cookies

If you want to erase all Flash cookies later or you did not see the warning message, click the Delete All... button on Storage tab.
Windows, Flash Player Settings Manager, Storage tab. To remove all stored Flash cookies, click 'Delete All'.

Delete All Site Data in Flash Player window opens with the first option, Delete All Site Data and Settings, selected by default.
If you are selling or recycling your current computer, it is recommended to select the Delete All Audio and Video License Files option, too.
Click Delete Data to erase all stored Flash cookies.
Windows, Flash Player Settings Manager, Delete All Site Data in Flash Player. To erase all stored Flash cookies, click 'Delete Data'.

Camera and Mic settings in Flash Player

Switch to Camera and Mic tab above.

To prevent unauthorized access to your webcam and microphone, use the default option - Ask me when a site wants to use the camera or microphone (recommended). This will pop up a prompt each time a web site tries to see or hear you.

In case you need to be extra private, use the Block all sites from using the camera and microphone option instead.
Windows, Flash Player Settings Manager, Camera and Mic tab. To keep unauthorized sites from watching and hearing you, use the default option - Ask me when a site wants to use the camera or microphone.

Playback settings in Flash Player

Click Playback tab. The name is quite misleading, it configures peer-assisted networking instead.
Some internet connections have very limited upload bandwith, so it is not advisable to share it with other users who visit the same web site. If your upload bandwith is full or nearly full, it will also strongly affect download speed (web pages open very slowly).
To prevent slowdowns, click Block all sites from using peer-assisted networking.
Windows, Flash Player Settings Manager, Playback tab. To prevent Internet connection slowdowns, click 'Block all sites from using peer-assisted networking'.

Advanced - checking for Flash Player updates and deauthorizing your computer

Open Advanced tab.

The first button, Delete All... removes all stored Flash cookies and files, plus resets settings to their (sometimes insecure) defaults. You should use this only if you're recycling or selling your PC.

In Updates section, select Install updates automatically when available (recommended). This setting is available since version 11.2 of Adobe Flash Player, and it downloads updates in the background. Installing the updates is offered only after you log off / sign out of your Windows account and then log back in (this also includes restarting your PC).
Please note that currently installed versions are listed here: for ActiveX (Internet Explorer), NPAPI (all Netscape-based browsers, such as Firefox), and PPAPI (Google Chrome).

To check for updates right away, click Check Now. In Windows Vista and 7, you might have to use the Change Update Settings button first - this will wake up the most beloved User Account Control. In Windows 8 and 8.1, update settings are locked to automatic updating.
You can use free Secunia PSI for fully automated updates of Flash Player.
Windows 7, Flash Player Settings Manager, Advanced tab. Make sure that 'Allow Adobe to install updates (recommended)' is selected in Updates section. Windows 8.1, Flash Player Settings Manager, Advanced tab. All settings are grayed out in Updates section.

If you want to sell or recycle your computer, you should deauthorize the computer first. This removes all licenses for purchased or rented content, such as audio and video files.
To do this, scroll the page down and click Deauthorize This Computer...:
Windows, Flash Player Settings Manager, Advanced tab. To remove all purchased licenses, click 'Deauthorize This Computer'.

Deauthorize This Computer window appears. Close all open Internet browsers and click OK to erase all licenses.
Windows, Flash Player Settings Manager, Deauthorize This Computer. Click OK to remove all purchased licenses.

And that's it - Adobe Flash Player configuration is now safer. Cool

 

 

Sub Navigation

Sub Navigation
Next: Securing Adobe Reader
Previous: Application Security
comments powered by Disqus