WilliamLam.com

  • About
    • About
    • Privacy
  • VMware Cloud Foundation
  • VKS
  • Homelab
    • Resources
    • Nested Virtualization
  • VMware Nostalgia
  • Apple
You are here: Home / vSphere / Adobe Flash is going away, is your VMware environment and IT Organization ready for it?

Adobe Flash is going away, is your VMware environment and IT Organization ready for it?

10.29.2020 by William Lam // 12 Comments

Hopefully this news should not come as a surprise to anyone but at the end of this year (December 31, 2020), Adobe and all mainstream web browsers will remove Flash functionality preventing users from interacting with any Flash-based web applications. This will also impact usage of VMware products that still uses Flash such as older versions of vSphere with the vSphere Flash Web Client or vCloud Director with their Flash-based Tenant UI as an example.


The large majority of VMware customers have already migrated off to newer versions of VMware products that no longer rely on Flash and this announcement will be a no-op for them. However, the reality is that not every customer has been able to meet this deadline for one reason or another will still have VMware products running in their Production environment that uses Flash even after the official end of life.

For these customers, it is really important to understand what are some of the implications and considerations to be aware of leading up to end of the year.

Background

For some background, since I have not met or spoken to a single person who will actually miss Flash nor is it a technology I tend to talk about 🙂 A few weeks back, I was talking to both Emad Younis and Simon Long about updating and rebuilding our internal VMware lab environment. It has been around for 3-4 years now and it was originally setup with NSX-V and while it has served us well over the years, it was time for an upgrade and to move to NSX-T. We had been holding off due to various projects and honestly, we just did not have the time. With VMworld now behind us, it was time to really get serious about the upgrade and have Simon (new guy) rebuild the setup 😉 While Simon was getting familiar with the environment, I realized that he still needed to use the vSphere Flash Web Client to access some of the NSX-V specific configurations to better understand the existing setup.

This actually got me thinking, what if we actually had waited until after the holidays to upgrade? Would it even be possible, would we run into any issues given the impending deadline? What affect would this have on the end users who may rely on a Flash-based UI interface? Well, it could mean some major fire drills and impact to your users if your organization is not ready and prepared.

Not only are the mainstream web browsers removing Flash functionality, some of this has already been implemented by automatically "blocking" flash websites and if you wish to override that behavior, you must explicitly acknowledge and allow the content to be rendered. After 2020, this user override behavior will simply not exists. In addition, older version of web browsers that support Flash will be removed and no longer be made available and Adobe itself will also stop the distribution of older releases of Flash all together.

In fact, just yesterday I came across an article where an upcoming Windows 10 update will completely remove Flash from the operating system and this change can NOT be reversed outside of restoring your Windows OS. I suspect other operating systems including Apple MacOS may follow a similiar path in getting rid of Flash.

Considerations

  • Do you have an IT or an End User Computing team that manages your desktop image, updates and applications? If so, definitely reach out to understand what the Flash EOL will mean for your organization
    • Will they be applying the latest Windows updates which removes Flash from operating system?
    • Will they be applying the latest browser updates which will also remove Flash functionality?
    • If so, when are these changes coming as they are usually managed through some type of group policies and can roll out at any given time, so it could even disable your access to your VMware environment before the end of the year
  • When talking about VMware-based UIs, we generally think about it from an Administrator point of view but in many organizations, that is just one of the many potential consumers of the UI
    • Take vSphere as an example, I know many organizations which provide direct vSphere UI access their end customers and that means, the impact is more than just the VI Admin, Network, Storage and Operators but it is the actual end users. What policies govern their desktop and are they the same or different from the administrators? This means the number of affected users can grow quite significantly depending on your overall base
    • vCloud Director is another interesting solution because it has two different UIs, one of which is designed for Tenant users. This means, the ownership and the access is a completely different set of users than the folks managing the solution. This is certainly true when you look at a Managed Service Provider, you can have hundreds or thousands of end users relying on that UI.
    • Are you able to ensure that their desktops will not be remediated which could affect their access?

Impacted VMware Products

If you have not already inventory which VMware products you are still using which rely on Adobe Flash, the following table can help which was also recently added to VMware KB 78589. I also recommend subscribing to this KB for future additions and updates.

Product Recommendation
vSphere 6.7 GA or older 6.7 Update 3 or newer
Horizon 7.8 or older 7.10 or newer
vCloud Director 10 or older 10.1 or newer
NSX for vSphere 6.4.7 or older 6.4.8 or newer
Site Recovery Manager 6.5 or older 8.1 or newer
vSAN 6.5 or older 6.7 Update 3 or newer
vRealize Orchestrator 7.5 or older 7.6 or newer
vRealize Automation 7.6 or older 8.0 or newer
vRealize Operations 6.5 or older 6.6 or newer

Workarounds

Obviously, the best workaround is to ensure that you are running at least the recommended VMware product version noted above which no longer uses Adobe Flash for its UI, but in case that is not possible, here are few options.

Option 1: 

Starting with Adobe Flash Player June 2020 update, a set of Enterprise Enablement features were added to help Enterprises manage the Flash EOL. Users can update the mms.cfg configuration file which is based on the operating system and the web browser that you are using allowing all/or a specific set of URLs to still access the Flash site by using the AllowListUrlPattern parameter. For more details, please refer to the Adobe Flash Player Admin Guide (Page 37).

Here is an example of what the mms.cfg could look like:

EOLUninstallDisable=1
EnabledAllowList=1
AllowListPreview=1
AllowListUrlPattern=https://FQDN/

Where FQDN can be your vCenter Server, vCloud Director or any other hostname which is serving up Flash content. You do not have to specify the full path of the application URL for this to work.

Here is the location of the mms.cfg for the various operating system and browser combination. This was also recently added to VMware KB 78589 and definitely recommend subscribing to this KB for future additions and updates.

Google Chrome on Windows %localappdata%\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\System\mms.cfg
Edge Chromium on Windows %localappdata%\Microsoft\Edge\User Data\Default\Pepper Data\Shockwave Flash\System\mms.cfg
32-bit Windows %windir%System32\Macromed\Flash\mms.cfg
64-bit Windows %windir%\SysWOW64\Macromed\Flash\mms.cfg
MacOS /Library/Application Support/Macromedia
Google Chrome On MacOS /Users/<username>/Library/Application Support/Google/Chrome/Default/Pepper Data/Shockwave Flash/System

Option 2:

Leverage VMware Automation tools such as PowerCLI, VMware SDKs/CLIs, etc. to perform specific tasks which require a Flash-based UI. Some customers have taken this approach to remove the need to have their admins or end users directly interact with a VMware product and provide an end-user portal for these common operations. Web Commander is just one example, where PowerShell/PowerCLI scripts can be executed from centralized portal and you can certainly build your own or leverage other VMware solutions like vRealize Orchestrator or vRealize Automation providing similiar functionality. This does require some level of development but for those who are already automating their infrastructure, this could be a nice short term workaround for the cases where you may need the Flash UI.

Additional References

Browser Support Statements:

  • Microsoft: https://support.microsoft.com/en-us/help/4520411/adobe-flash-end-of-support
  • Google: https://www.blog.google/products/chrome/saying-goodbye-flash-chrome/
  • Mozilla: https://blog.mozilla.org/futurereleases/2017/07/25/firefox-roadmap-flash-end-life/

More from my site

  • "Shockwave Flash has crashed" workaround for vSphere Web (Flash) Client
  • Quick Tip - Useful Flash Player optimization for the vSphere Web Client & other Flash WebApps
  • Accessing the vSphere Web Client from a Linux desktop?
  • Community stories of VMware & Apple OS X in Production: Part 3
  • VSAN Flash/MD capacity reporting

Categories // vSphere, vSphere Web Client Tags // adobe, flash

Comments

  1. *protectedsdkeslar says

    10/29/2020 at 10:12 am

    Not a VMware product, but if anyone out there is running RecoverPoint for VMs less than v. 5.3, you'll also need to upgrade to get the VMWare plugin that doesn't need Flash.

    Reply
  2. *protectednneul says

    10/29/2020 at 11:54 am

    We'd be a lot more ready for it if there weren't still bugs in the HTML client for basic functionality like adding permissions for an AD domain user (searches that don't work right and UI functions that make it to where you HAVE to search instead of just allowing entry of a UPN or DOMAIN\groupid). We have workarounds for things, but some of this is just embarassingly bad missing basic functionality.

    Reply
  3. *protectedMarkus Schmidt says

    10/29/2020 at 2:33 pm

    Workaround Option 3: Just ThinApp some browser of your choice including flash - just in Case.

    Reply
  4. *protectedHiko says

    10/29/2020 at 4:50 pm

    You've not met anyone that'll miss native flash support?
    Hi, I'm your first, I suppose. A good number of indie games were developed in flash, and I know a few that still are right now. Third party players are everywhere. Flash may be going away officially, but it's not going away anytime soon.

    Reply
  5. *protectedAnonymous says

    10/30/2020 at 2:11 am

    vSphere 6.5 supported until 2021/11/15 and the H5 client in this version doesn't cover even day-by-day operations like creating VMs with guest customizations and static IPs, so we stay with Firefox ESR + Flash Player for at least a year.

    Reply
    • *protectedBleddyn Davies says

      10/31/2020 at 1:41 am

      Running vSphere 6.5 (limited by hardware to this version). Upgraded our vCenter to 6.7 the other week to get around this flash issue. A very painless process.

      Take backups first though 🙂

      Reply
  6. *protectedPreetam says

    11/01/2020 at 1:16 pm

    Since this day till dec we have freeze. There is no way we can do this. I'm thankful to you for writing this post.

    Reply
  7. *protectedMariano says

    12/01/2020 at 9:20 am

    vSAN 6.5 or older 6.7 Update 3 or newer How about if we are running vSAN 6.6.x?

    Reply
  8. *protectedNicholas Kulkarni says

    01/23/2021 at 10:40 pm

    just tried this on Chrome Version 87.0.4280.141 (Official Build) (64-bit) using Option 1 and it does not work.

    It does re-enable the flash handling you get do you want to run flash prompt and then the out of date do you wish to update prompt but on saying no to both and attempting to load vsphere client you are presented with a single logo of a red lower case f and a blue logo lower case i . Clearly its about flash and wants to give you information. Clicking it takes you to https://www.adobe.com/products/flashplayer/end-of-life.html

    Reply
  9. *protectedGustavo Amaral says

    02/17/2021 at 1:06 pm

    Folks I have been looking for some way to filter more then one VM in the vcenter client (as I use to do in the flash vcenter client) without success. Is some one found any workaround that's work for that? Tks in advance!

    Reply
    • *protectedNicholas Kulkarni says

      02/18/2021 at 2:00 am

      Hi Gustavo,

      I am assuming you have an older install of vSphere that still uses flash
      If so then install a copy of Firefox ESR 78.6.1. and do not allow it to update
      If you still have a download of the old stand alone Flash Installer run it to install flash
      Use this to access the vSphere, do not accept the offer to upgrade flash because it is out of date.
      click allow to use the older version of flash.

      If I am wrong and you have a new vSphere that is just HTML 5 and want some of the old functionality of flash I am sorry I do not have an answer to that problem

      Reply
  10. *protectedChris says

    12/30/2021 at 2:09 am

    A temporary solution with Basilisk Portable with Flash https://archive.org/details/basilisk-portable-with-flash#reviews

    Reply

Thanks for the comment!Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Search

Thank Author

Author

William is Distinguished Platform Engineering Architect in the VMware Cloud Foundation (VCF) Division at Broadcom. His primary focus is helping customers and partners build, run and operate a modern Private Cloud using the VMware Cloud Foundation (VCF) platform.

Connect

  • Bluesky
  • Email
  • GitHub
  • LinkedIn
  • Mastodon
  • Reddit
  • RSS
  • Twitter
  • Vimeo

Recent

  • Programmatically accessing the Broadcom Compatibility Guide (BCG) 05/06/2025
  • Quick Tip - Validating Broadcom Download Token  05/01/2025
  • Supported chipsets for the USB Network Native Driver for ESXi Fling 04/23/2025
  • vCenter Identity Federation with Authelia 04/16/2025
  • vCenter Server Identity Federation with Kanidm 04/10/2025

Advertisment

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy

Copyright WilliamLam.com © 2025

 

Loading Comments...