Solved

Flash Deployment: best practice?

Posted on 2011-09-09
5
312 Views
Last Modified: 2012-06-21
We have 300 pc's (two locations).

Each PC originally had Adobe Flash on the image.
Only 20% of the PC's can 'surf the net'
We use Microsoft Threat Management Gateway for as our 'isa proxy server'.

Questions:
--------------

1. What's the best way to keep flash up to date without being burdensome:  should we download the fresh MSI and deploy via active directory each time adobe fixes a bug?  Does adobe update its MSI each time they fix a bug?  Is is reasonable to deploy a flash update to maybe 10 pc's, and if nothing catastrophic happens after 1 day, release it to all users?  (I've never heard of a flash update trashing a pc - in contrast to windows updates which of course can).

2. Alternatively, should we let the clients just poll adobe on reboot (or whenever it checks), and them them download updates that way?  Our concern is if requires user interaction, it won't happen.  Is there a registry key or something which can make the updates 'just happen'?

3. I'm concerned that the non-surfing pc's have old, security bug plagued versions of flash; we don't keep flash up to date.  Should I be concerned about malicious flash content arriving via email to these non-surfing pc's and getting them infected?  Is this a threat vector which we should address?

Thanks for any suggestions for making flash deployments less terrible,
Mike
0
Comment
Question by:mike2401
  • 3
  • 2
5 Comments
 
LVL 29

Accepted Solution

by:
dgofman earned 500 total points
ID: 36515275
You can create a script to get latest files from the websites

http://labs.adobe.com/downloads/flashplayer11.html

http://get.adobe.com/flashplayer/ 

or configure mms.cfg file

http://kb2.adobe.com/cps/167/16701594.html
0
 

Author Comment

by:mike2401
ID: 36522606
Thanks dgofman.

BTW, do you think malicious flash content received via email is a concern?

Mike
0
 
LVL 29

Expert Comment

by:dgofman
ID: 36523761
No, I never getting such emails. Except Adobe Flash Pro CS5 with to purchase :)
0
 

Author Comment

by:mike2401
ID: 36531182
Thanks dgofman.

Much appreciated.

Mike
0
 

Author Closing Comment

by:mike2401
ID: 36531188
Thank you!
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article outlines the process to identify and resolve account lockout in an Active Directory environment.
OnPage: Incident management and secure messaging on your smartphone
The goal of the tutorial is to teach the user how to how to record live broadcast.
The goal of the tutorial is to teach the user how to select the video input device. Make sure you have an input device that in connected and work and recognized by Adobe Flash Media Live Encoder and select it in the “video input” menu.

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question