Webpages are allowed to run Flash plugins automatically
Description
Flash plugins are insecure as they are prone to many vulnerabilities. Therefore, Websites should not be allowed to run Flash plugins automatically. Allow users to grant permission whether to run Flash plugins or not, by resolving this misconfiguration.
Severity
Moderate
Category
Chrome Security Hardening
Resolution
Follow the below steps in GPO to resolve the misconfiguration.
Windows group policy:
1. Open the group policy editor tool with gpedit.mscĀ
2. Navigate to Policy Path: Computer ConfigurationAdministrative TemplatesGoogleGoogle ChromeContent Settings Policy Name: Default Flash setting Policy State: Enabled Policy Value: Click to play
Does remediation require reboot?
No
Vulnerability Manager Plus tracks security configurations and remediate misconfigurations in your network systems from a centralized console. View a list of all the security misconfigurations detected by Vulnerability Manager Plus.