How to remove Flash from Windows 10

As many of you have discovered by now, Microsoft surreptitiously added the Flash player in an update well after the upgrade to Windows 10. It isn’t possible to remove it using the standalone uninstaller from Adobe as in previous versions as this is now baked into Edge, Microsoft’s new browser… almost.

It is possible, to remove the plugin, but it requires a fair bit of manual labor to do so. First, go to Edge and select options (the . . . ) and follow the steps to make sure the Flash is turned off.

Edge > Options > Settings

Scroll down and click on “View advanced settings”

Make sure Flash is turned off.

Now the fun part

Microsoft has set ownership permissions for all the files we need to delete so that none of them can be removed without changing them first. The files we need to delete are located in the following places :

• C:\Windows\System32\Macromed\Flash
• C:\Windows\SysWOW64\Macromed\Flash

In each of these directories, you should see these files :

• activex.vch
• Flash.ocx
• FlashUtil_ActiveX.dll
• FlashUtil_ActiveX.exe

You may also see FlashInstall.log. Trying to delete these will give you a permission denied error. To change that, follow these steps. Be advised that you’ll have to follow these steps for each of those files individually as Microsoft has made it very difficult to collectively apply the same permissions by inheritance.

Right click > Properties > Select the “Security” tab. Click “Advanced”.

Note on top how the current owner is “TrustedInstaller” (the biggest oxymoron in software if there ever was one).
Click on “change” to take ownership.

You’ll be presented with the familiar user selection box.
Click “Advanced”.

…and “Find Now”.

Select your username and click “OK”

…and then “OK” again on the user box.

You’re now the owner of the file to delete, but that’s not enough. You need to change the principal access.

Select the “Auditing” tab and click “Add”.

Click “Select a principal”. We’ll have to do the same user selection song and dance we did before (“Advanced”, “Find Now” etc…)

But now we can check “Full control”.

Once you’ve done this, click “OK” and then back at the “Auditing” tab…

…click “Apply”.

You’ll see a security dialog saying you’ll need to close and reopen the security properties. That’s fine (it’s the least of our worries at this point). Click “OK” on the dialog and back at the “Auditing” tab and move on.

Close all the dialogs. Right click on the file again and select “Properties” and select the “Security” tab as before. Click on “Edit” and you’ll see this.

Now you should be able change the permissions by selecting your username and checking “Full control”

You’ll get a warning dialog. Just click “OK” on it and click on “OK” on the permissions box too. You can now delete that file.

Whew!

Cleaning the control panel

You’ll still see the FlashPlayer utilty in the control panel so to remove that, go to C:\Windows\SysWOW64 and delete:

• FlashPlayerApp.exe
• FlashPlayerCPLApp.cpl

Keep in mind, however, that there’s nothing preventing Microsoft from installing Flash on your system again. You don’t own proprietary software. Yes it’s your computer and you may pay for it (well, Windows 7, since this is a free upgrade), but you don’t own it if you can’t control what’s on your system how it gets there. Further, Windows 10 is as close to Software as a Service as you’ll get while still having something installed. It’s the most invasive in terms of your privacy as well, but there are mitigations you can take.

For your next operating system, may I suggest Linux Mint?

Advertisement

No such thing as an obsolete browser or OS IV

This is a little update on Steve‘s suggestion. You can view past updates for OSes in 2008, browsers in 2009, OSes and browsers in 2009, and in 2011. And just as before, we still have a few hits from IE 2.0. Though in what seems to be common trend across a lot of sites out there, Safari and Firefox are far ahead of Internet Explorer. Don’t know if this will change with the proliferation of Windows phones and Safari most likely includes a sizable number of iPhones.

On the OS front, Windows is still ahead with XP having the same usage share of Mac OS X. I believe “Windows NT” includes Windows 7/8 and Server 2008.

Browsers visiting eksith.com in September

Operating Systems hitting eksith.com in September

 

Nostalgia: A History of Windows Startup and Shutdown themes

You know you’re a child of the 80’s when your nostalgia includes memories of the Windows OS, specifically the startup and shutdown themes. I have to say that Windows 95 and 2000 had the best startup music of the entire series. A few of the betas also had great music, but it’s a shame they never made it to the final release.

If only these OSes had the same creativity and care when it came to the internal plumbing and security, Microsoft would have left the greatest legacy in the computing world.

OpenBSD: Otherwise known as Marmite

There are a lot of misconceptions about OpenBSD, chief of which is that it’s bulletproof. Well, the default install has had “only two remote holes, in a heck of a long time”, however those of us on planet Earth realise that few people stick to the default install in the first place. If you need your system to do anything aside from being a router or text-only web browser, then sure, default works handily.

The rest may get tedious so feel free to browse away now.

Security is a process

I’ve lost count of how many times this has come up, but it still bears repeating.

It’s not a destination. Never has been and never will be considering vulnerabilities are discovered all the time in other software needed to turn the afore-mentioned brick into a house. Just because you run a very secure OS, doesn’t mean anything else running on it won’t break and let in something bad through the cracks.

From the FAQ :

The packages and ports collection does NOT go through the same thorough security audit that is performed on the OpenBSD base system. Although we strive to keep the quality of the packages collection high, we just do not have enough human resources to ensure the same level of robustness and security.

Introducing any new software to the machine, regardless of a tar download or ports, will create potential vulnerabilities which the sysadmin has to keep an eye on, apply patches and chroot as necessary. I’m sure I don’t need to go over backing up before applying said updates as that’s just common sense.

Current vs Stable

Current is more likely to break, but you also get fixes fairly quickly. Stable is slower to get fixes, but is less likely to break in the first place.

This is pretty much true of any of the BSDs or really most of the Linux distros for that matter so plan accordingly.

Don’t choose current just for needless features on a production system.  Make an informed decision on whether you’re using the full capabilities of a current branch before using it. I generally stick to stable for production systems unless there’s a feature absolutely needed that’s not in stable, which is very rare.

RTFM

The FAQ, the manual and the mailing list are your friends so don’t ignore them.

Always treat these sources from the project site as your primary references. There are many wonderful tutorial sites on the net about configuring, securing (see above), and otherwise using OpenBSD, but the main sources provided on the project site are still your most reliable, up-to-date, and complete reference. Also it has, by far, one of the most comprehensive manuals for an open source project.

I’m by no means an OpenBSD expert, but I’m patient when it comes to learning and I don’t get embarrassed about asking questions if I don’t know something. You never stop learning.

That said, people who say “OpenBSD is pretty easy” or equivalent are pretentious and condescending. OpenBSD has a steep learning curve and downplaying that with statements attesting ease of use only serve to frustrate and offend people just getting into it. It gets “easier” as time goes by and  as you get familiar with the environment, you will end up with a lot of capability in a very secure and stable system.

It takes a lot of reading and familiarization to get your feet wet and even if you come from a *nix background, it never hurts to read-up. OpenBSD’s strong points are security, consistency and predictability. The last two really help when learning the system.

People within the Linux and BSD community can only help their platform of choice by getting rid of the condescension toward novices.

It’s Marmite (I.E. It works for me)

OK, I get it. You don’t have to go on-and-on about how hard it is and how you just don’t understand or how anyone can use it vs, say, another BSD or Linux distro to get the same, if not better, functionality for the same effort.

If any of the other BSD or Linux flavor floats your boat, well then, more power to you.

I’ve been using Nginx + MySQL + PHP + OpenBSD on one particular production site for quite a while and I’ve been very happy. Maintenance has rarely been a problem, albeit it’s more involved due to chrooting, but I’ve had no complaints so far with the site breaking.

If anyone asks me and if it’s appropriate, this is what I’d recommend, not just on security grounds, but also because I found it consistent and reasonably straightforward to keep secure for the forseeable future. And I’m using it on that production site because it was appropriate for my situation.

Quit trying to convert people to your religion in regular face-to-face conversations saying your Kool-Aid is better for everything. You just sound like a bunch of intolerant morons; as if we needed more of those these days. If what someone does with their system isn’t your cup of tea, but doesn’t affect your system or what you do, then mind your own damn business.

Linux vs BSD comparisons?

I’ve gone over this so many times in real life, I don’t have the energy to do it again, but I will say this. Apples and Oranges — Linux is a kernel and you have a zillion different distros (Operating Systems) that use said kernel which specialize in different things or you can roll out your own. Choose or build carefully.

As for how I feel about other people’s opinions on what I choose; I’ll let Denny Crane explain :

No such thing as an “Obsolete” OS or browser – Part III

Well, it’s been two years since I did one of these and it’s always good to look back and see how things have changed. I ended up being taken aback by how little it had, once again proving the point; you can’t force people to upgrade or change if they don’t want to or can’t.

Let’s see what happened last month…

OS Stats for November, 2011 on eksith.com

I have a sneaking suspicion that “Windows NT” includes Windows 7 hits considering the percentage, but I can’t be sure. Vista is no where near Windows XP, as expected, and there’s still one straggler on Windows 3.xx. I’m a little surprised to see no RedHat or Suse hits last month.

Browser Stats for November, 2011 on eksith.com

Firefox is showing the full spectrum of versions once again (except 1.x) from ancient to bleeding edge and, rather worryingly, IE 2.0 hits actually increased from the last time. These were probably from ancient PCs used by people who are only now getting accustomed to the Internet. This would also explain why there are so many zombie PCs as part of botnets.

The last time I did this, I linked the FOSS.lk Conferences page in the comments and I was hopeful that this would be a new trend toward the expansion of Open Source awareness in Sri Lanka. I’m a bit worried that the site hasn’t changed in over three years now and I hope the momentum hasn’t slowed.

Open Source software would go a long way to alleviate budget and security woes and, as a side benefit, would make the rampant software piracy in the country a thing of the past. You know… reputation and all.

Hopefully, the next time I visit Sri Lanka, I won’t have to do tech support at each house I visit that has a computer.