Microsoft will permanently remove Flash from Windows PCs by July 2021
Microsoft plans to eliminate a major security risk by removing all remnants of the old Adobe Flash Player app from Windows operating systems by July 2021, the company said last week.
The move comes after Adobe formally deprecated Flash Player, which reached its end-of-life (EOL) on December 31, 2020.
Today, Adobe does not release any kind of software updates for Flash Player, meaning the app is the equivalent of dead code sitting on Windows computers around the globe and is ripe for exploitation by hackers and malware operations.
While Microsoft and the other major web browsers removed the Flash Player plugin from their browsers' source code, Flash Player code is still installed at the OS level.
Microsoft realized this would be an issue last year.
In September 2020, the OS maker released the KB4577586 update packages that would remove all traces of the Flash Player app from Windows devices.
Initially, the update package was offered as an optional download that system administrators could get from the Microsoft Update Catalog portal and deploy at their discretion.
But without any kind of formal announcement, Microsoft started silently and forcibly deploying the KB4577586 update to some Windows 10 computers in February 2021.
It is unclear how many Windows computers received KB4577586 in February, but in an update to its September 2020 blog post made last week, Microsoft now says the end goal is to deploy the update to most Windows systems by July 2021.
- Starting in June 2021, the KB4577586 "Update for Removal of Adobe Flash Player" will be included in the Preview Update for Windows 10, version 1809 and above platforms. It will also be included in every subsequent Latest Cumulative Update.
- As of July 2021, the KB4577586 "Update for Removal of Adobe Flash Player" will be included in the Latest Cumulative Update for Windows 10, versions 1607 and Windows 10, version 1507. The KB will also be included in the Monthly Rollup and the Security Only Update for Windows 8.1, Windows Server 2012, and Windows Embedded 8 Standard.
Microsoft expects that as the updates roll out over the summer, most Windows operating systems would have Flash Player removed.
Despite its intrusive nature, the move is bound to spark little to no pushback from the IT community.
The reason is that Adobe silently introduced a time bomb in the Flash Player code last year that would prevent Flash Player from working and playing any content after January 12, 2021.
Today, the Flash Player app is effectively useless and can't be used to show any content. Removing it is the best and most secure solution, and the reason why Adobe also prompted users with popups to uninstall the app as soon as possible.
Catalin Cimpanu is a cybersecurity reporter for The Record. He previously worked at ZDNet and Bleeping Computer, where he became a well-known name in the industry for his constant scoops on new vulnerabilities, cyberattacks, and law enforcement actions against hackers.