It appears your user received a notification to update the outdated version of Flash Player. Since you're users are non-Admin and Admin permissions are required to install, I recommend disabling notification auto-updates on the system and managing updates to your users via some other method. To disable auto-updates, edit the mms.cfg file as follows:
The file is located at:
- Win 32-bit: \Windows\System32\Macromed\Flash
- Win 64-bit: \Windows\SysWow64\Macromed\Flash
- OS X: /Library/Application Support/Macromedia
Note that disabling updates in this manner also disables background updates, if you have opted into background updates. The Adobe Flash Player Administration Guide for Flash Player | Adobe Developer Connection contains several strategies for deploying and updating Flash Player outside of notification auto-updates.
11.9 is quite old and is not being updated with security releases, leaving your users vulnerable to security threats. Unless there's a compelling reason to keep your users on 11.9, I highly recommend updating Flash Player to either the latest release (currently version 16) which receives regular feature updates, bug fixes, and security fixes; or the Extended Support Release (currently version 13) which receives only regular security updates, no feature updates or bug fixes.
Thank you for the response.
I did find by running a batch file at login I can also remove the scheduled task for the update.
SchTasks /Delete /TN "Adobe Flash Player Updater" /f
del /f "C:\Windows\tasks\Adobe Flash Player Updater.job"
There isn't really a business need for some of the end users surfing the internet to flash sites. We do have a webfilter and that does help mitigate risk, as well as AV protection and soon Dell endpoint protection.
On our 2015 project plan we do have a line item to address the timely patching of 3rd party programs like Flash, Reader, Java, etc..
From my project list for 2015:
- Deploy an automated third party patch management solution for non-Microsoft products. (Will need to create a POLICY for this item. Suggested vendors include Shavlick; Patch Link; Dell/Kace for non-MS products)
Thank you for your assistance.
The task you saw is for the Background Updater. The Background updater does not require Admin permissions to install Flash Player. It runs completely in the background without user interaction. The behaviour you originally described (pop-up notification upon login) is for a notification update, which does require Admin permissions to install.
Flash is prevalent on may sites. Even if the users aren't intentionally visiting sites with Flash they could visit a page that has Flash content. Since 11.9 is installed, and it has not been updated, it leaves the system vulnerable. You may want to update to the latest version and then disable updates for everyone by deploying the mms.cfg file with AutoUpdateDisable=1 to all systems.
I checked this system and in bopth System32 or syswow64, there is no mms.cfg file, so maybe this version predates that way of configuring. I found the other method on another website where people said it worked, so thats where I figured that out.
We will try to do an update at some point when we can.