X
Tap here to go to the mobile version of the site.

Support Forum

Possible to prevent Firefox from loading two versions of Flash, without disabling PLID scan?

Posted

Our IT department—what a great way to start a question—does not roll out regular updates for Flash. To bridge this security gap for Firefox on my work computer, I copy the following files:

  • flashplayer.xpt
  • FlashPlayerPlugin_<version>.exe
  • FlashUtil32_<version>_Plugin.exe
  • NPSWF32_<version>.dll

from C:\Windows\System32\Macromed\Flash on another machine and paste them to C:\Users\<myusername>\AppData\Roaming\Mozilla\Plugins on my work machine. When Firefox starts, it scans the various locations (http://kb.mozillazine.org/Plugin_scanning) and finds both this version and of course the outdated version originally installed, which IT does not update (currently 11.1.102.55). This effectively updates Flash, and until IT finds a solution to distribute updates I'll have to continue to update Flash manually (Java is unfortunately not so easy to fix), but still leaves me with a problem.

My perceived problem is that Firefox still scans the default installation directory of Flash and thus finds the outdated version. Under Add-ons > Plug-ins, I can select from "Ask to Activate," "Always Activate" and "Never Activate." If I select "Ask to Activate" for the current version (12.0.0.43) and "Never Activate" for the old version (11.1.102.55), upon restarting Firefox it sets both to "Ask to Activate." I conclude that Firefox does not treat separate Flash versions independently. Since constantly being prompted to activate Flash is bothersome, I could just set both to "Always Activate," but that leaves an old, even-more-compromised-than-the-current version of Flash activated.

The best solution, I suppose, would be to uninstall the outdated version of Flash, but I don't have the administrative rights to do so, and don't want to pester our IT administrators. I could prevent Firefox from scanning the directories specified in the Windows registry for PLIDs (see above link), but this would prevent it from finding my also-outdated-but-only-installed Java Plug-In, which I keep thinking I need. The behavior I'm after is to prevent Firefox from scanning or finding the old Flash version, while still finding my Java Plug-in. How could I go about this?

Thanks

Our IT department—what a great way to start a question—does not roll out regular updates for Flash. To bridge this security gap for Firefox on my work computer, I copy the following files: * flashplayer.xpt * FlashPlayerPlugin_<version>.exe * FlashUtil32_<version>_Plugin.exe * NPSWF32_<version>.dll from C:\Windows\System32\Macromed\Flash on another machine and paste them to C:\Users\<myusername>\AppData\Roaming\Mozilla\Plugins on my work machine. When Firefox starts, it scans the various locations (http://kb.mozillazine.org/Plugin_scanning) and finds both this version and of course the outdated version originally installed, which IT does not update (currently 11.1.102.55). This effectively updates Flash, and until IT finds a solution to distribute updates I'll have to continue to update Flash manually (Java is unfortunately not so easy to fix), but still leaves me with a problem. My perceived problem is that Firefox still scans the default installation directory of Flash and thus finds the outdated version. Under Add-ons > Plug-ins, I can select from "Ask to Activate," "Always Activate" and "Never Activate." If I select "Ask to Activate" for the current version (12.0.0.43) and "Never Activate" for the old version (11.1.102.55), upon restarting Firefox it sets both to "Ask to Activate." I conclude that Firefox does not treat separate Flash versions independently. Since constantly being prompted to activate Flash is bothersome, I could just set both to "Always Activate," but that leaves an old, even-more-compromised-than-the-current version of Flash activated. The best solution, I suppose, would be to uninstall the outdated version of Flash, but I don't have the administrative rights to do so, and don't want to pester our IT administrators. I could prevent Firefox from scanning the directories specified in the Windows registry for PLIDs (see above link), but this would prevent it from finding my also-outdated-but-only-installed Java Plug-In, which I keep thinking I need. The behavior I'm after is to prevent Firefox from scanning or finding the old Flash version, while still finding my Java Plug-in. How could I go about this? Thanks

Additional System Details

Installed Plug-ins

  • Shockwave Flash 12.0 r0
  • NPRuntime Script Plug-in Library for Java(TM) Deploy
  • Shockwave Flash 11.1 r102
  • Fortinet SSL VPN FortiControl Firefox Plugin
  • Fortinet SSL VPN CacheClean Firefox Plugin

Application

  • User Agent: Mozilla/5.0 (Windows NT 6.1; rv:26.0) Gecko/20100101 Firefox/26.0

More Information

cor-el
  • Top 10 Contributor
  • Moderator
17541 solutions 158604 answers

Maybe you can check the pluginreg.dat file to see if you can disable/remove the other Flash plugin and make the file read-only to prevent changes.

You can use this button to go to the Firefox profile folder:

  • Help > Troubleshooting Information > Profile Directory: Show Folder (Linux: Open Directory; Mac: Show in Finder)
Maybe you can check the pluginreg.dat file to see if you can disable/remove the other Flash plugin and make the file read-only to prevent changes. You can use this button to go to the Firefox profile folder: *Help > Troubleshooting Information > Profile Directory: Show Folder (Linux: Open Directory; Mac: Show in Finder) *http://kb.mozillazine.org/Profile_folder_-_Firefox *http://kb.mozillazine.org/Issues_related_to_plugins

Modified by cor-el