View the security misconfiguration catalog
  • Misconfiguration Name
  • Webpages are allowed to run Flash plugins automatically
  • Description
  • Flash plugins are insecure as they are prone to many vulnerabilities. Therefore, Websites should not be allowed to run Flash plugins automatically. Allow users to grant permission whether to run Flash plugins or not, by resolving this misconfiguration.
  • Severity
  • Moderate
  • Category
  • Chrome Security Hardening
  • Resolution
  • Follow the below steps in GPO to resolve the misconfiguration. Windows group policy: 1. Open the group policy editor tool with gpedit.msc  2. Navigate to Policy Path: Computer ConfigurationAdministrative TemplatesGoogleGoogle ChromeContent Settings Policy Name: Default Flash setting Policy State: Enabled Policy Value: Click to play
  • Does remediation require reboot?
  • No