Flash Deployment: best practice?

We have 300 pc's (two locations).

Each PC originally had Adobe Flash on the image.
Only 20% of the PC's can 'surf the net'
We use Microsoft Threat Management Gateway for as our 'isa proxy server'.

Questions:
--------------

1. What's the best way to keep flash up to date without being burdensome:  should we download the fresh MSI and deploy via active directory each time adobe fixes a bug?  Does adobe update its MSI each time they fix a bug?  Is is reasonable to deploy a flash update to maybe 10 pc's, and if nothing catastrophic happens after 1 day, release it to all users?  (I've never heard of a flash update trashing a pc - in contrast to windows updates which of course can).

2. Alternatively, should we let the clients just poll adobe on reboot (or whenever it checks), and them them download updates that way?  Our concern is if requires user interaction, it won't happen.  Is there a registry key or something which can make the updates 'just happen'?

3. I'm concerned that the non-surfing pc's have old, security bug plagued versions of flash; we don't keep flash up to date.  Should I be concerned about malicious flash content arriving via email to these non-surfing pc's and getting them infected?  Is this a threat vector which we should address?

Thanks for any suggestions for making flash deployments less terrible,
Mike
mike2401Asked:
Who is Participating?
 
dgofmanConnect With a Mentor Commented:
You can create a script to get latest files from the websites

http://labs.adobe.com/downloads/flashplayer11.html

http://get.adobe.com/flashplayer/ 

or configure mms.cfg file

http://kb2.adobe.com/cps/167/16701594.html
0
 
mike2401Author Commented:
Thanks dgofman.

BTW, do you think malicious flash content received via email is a concern?

Mike
0
 
dgofmanCommented:
No, I never getting such emails. Except Adobe Flash Pro CS5 with to purchase :)
0
 
mike2401Author Commented:
Thanks dgofman.

Much appreciated.

Mike
0
 
mike2401Author Commented:
Thank you!
0
All Courses

From novice to tech pro — start learning today.