Configure Click to Play Flash in Web Browsers

Threat Level: Medium
Threat Type: Flash Exploit
Advisory Date: 07/13/2023

Description

Information Services is asking all users to manually set Flash to 'Ask to Activate', also known as 'Click to Play', in all browsers on their system. Browsers will start the Flash player whenever a webpage containing Flash-based content is loaded. This is a security risk, as Flash is a common target of malicious websites which seek to exploit weaknesses in the Flash browser plug-in. A successful exploit can result in a compromised account and computer.

Impact

By setting Flash to execute when the user wants to view Flash content, rather than automatically loading, the risk of being exposed to a potentially harmful website is dramatically reduced. By configuring Ask to Activate, user interaction is required to play Flash content, rather than a website automatically loading potentially harmful content with no user involvement.

The University of Regina has experienced several exploits of Flash in recent months. Thankfully, the incidents have been small and managed quickly, but we need to mitigate the risk and protect our network from being compromised in the future. Notably, these types of exploits are often so new that antivirus or software updates do not yet offer protection. This recommended configuration helps address this very common threat vector, as four of the five most widely exploited new vulnerabilities last year were in Adobe Flash.

Resolution

Unfortunately, we are not able to update this setting automatically over the network. Users must go into their browser settings and manually make the security changes required.

Please take a few moments to adjust your browser settings so that Flash will prompt you to allow it to run.

It should be noted that future releases of major browsers will implement ‘Ask to Activate’ for Flash by default as Flash content is being replaced by less risky HTML5 content.

Mozilla Firefox

1) Click the Menu Button (three horizontal lines at the top right corner, under the X)

2) Click "Add-ons"

3) Click "Plugins" on left side

4) In the 'Shockwave Flash' section: Click the dropdown arrow on the left side and choose "Ask to Activate"

5) You can then close the tab that opened, called "Add-ons Manager"
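
For support staff who want to confirm the Firefox setting after the steps above, the following added example (not part of the original advisory) reads the text of a profile's prefs.js and reports the Flash activation state. It assumes Firefox records the choice in the plugin.state.flash preference as 0 (Never Activate), 1 (Ask to Activate) or 2 (Always Activate); the function names and sample contents are constructed for illustration.

```python
import re
import sys

# Assumption: Firefox records the Add-ons Manager choice for Flash in prefs.js
# as plugin.state.flash: 0 = Never Activate, 1 = Ask to Activate, 2 = Always Activate.
STATES = {0: "Never Activate", 1: "Ask to Activate", 2: "Always Activate"}

# Anchored to line start so a commented-out "// user_pref(...)" line is ignored.
PREF_RE = re.compile(
    r'^\s*user_pref\(\s*"plugin\.state\.flash"\s*,\s*(\d+)\s*\)\s*;', re.MULTILINE)


def flash_state(prefs_text):
    """Return the effective plugin.state.flash value, or None when it is not set."""
    values = PREF_RE.findall(prefs_text)
    # Later lines override earlier ones when a pref appears more than once.
    return int(values[-1]) if values else None


def audit(prefs_text):
    """Return 'ok', 'fix' (Flash starts automatically) or 'unset' (browser default)."""
    state = flash_state(prefs_text)
    if state is None:
        return "unset"
    return "ok" if state in (0, 1) else "fix"


# Constructed sample prefs.js contents, not taken from a real profile.
SAMPLE_ASK = '''// Mozilla User Preferences
user_pref("browser.startup.page", 3);
user_pref("plugin.state.flash", 1);
'''
SAMPLE_ALWAYS = 'user_pref("plugin.state.flash", 2);\n'
SAMPLE_COMMENTED = '// user_pref("plugin.state.flash", 2);\n'

if __name__ == "__main__":
    # Usage: python check_flash.py /path/to/profile/prefs.js
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
            text = fh.read()
    else:
        text = SAMPLE_ASK
    state = flash_state(text)
    print(audit(text), STATES.get(state, "not set in this profile"))
```

A result of "unset" means the profile has no explicit choice recorded, so the browser's built-in default applies and the manual steps above should still be followed.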

Internet Explorer

1) Click the Tools Button (gear-shaped icon at top right, under the X)

2) Click "Manage add-ons"

3) On the left side: Click "Toolbars and Extensions"

4) Lower on the left side: Click the dropdown under 'Show:' and choose "All add-ons"

5) In the middle: Locate "Shockwave Flash Object"

6) Right-Click "Shockwave Flash Object" and choose "More Information"

7) Click "Remove all sites"

8) Click "Close"

9) You can then close the window that opened, called "Manage Add-ons"

Google Chrome

1) Click the Menu Button (three vertical dots at the top right corner, under the X)

2) Click "Settings"

3) Scroll to the bottom of the page

4) Click "Show advanced settings..."

5) Under Privacy click "Content Settings"

6) Scroll down to "Plugins" section

7) Click "Let me choose when to run plugin content"

OR on older versions select "Click to play"

8) Click 'Done' at bottom left

9) You can then close the tab that opened, called "Settings"

MacOS Safari

1) Click Safari at top left, then click Preferences...

2) Click Security tab, then click "Plug-in Settings" OR "Manage Website Settings"

3) Click 'Adobe Flash Player'

4) In the "When visiting other websites" menu at bottom right, choose 'Ask'

5) Click 'Done'

Thank you for assisting us in this endeavour to further ensure the security of our systems and network.

Resources

Please contact the IT Support Centre if you have any questions or require assistance:

Email IT.Support@uregina.ca

Phone 306-585-4685

Webform https://www.uregina.ca/is/forms/ticket.html

In Person at ED 137 or Archer Library Commons