2 Replies Latest reply on May 26, 2016 3:42 PM by Regis

    Another Flash 0-day in the wild.   Anyone blocking Flash yet? Web Ads?  Strategies?




      I have 3 questions for you fellow in-the-trenches proxy admins.  I'd be delighted with any input on any or all of them that you can share from your experience.


      1. Has anyone successfully transitioned to a url or site whitelist approach for allowing Flash?   I know some folks do this with Java with sleep-assuring success.
      2. On a semi-related note, how many of ya are able to block Web Ads category and avoid the pitchforks and user screaming?
      3. On a wing and a prayer note, is there a single administrator who has successfully blocked Uncategorized and not been neutered by the users before noon on Monday?  The best I've achieved in an environment is uncategorized executables from med/high risk ip's  or known unfriendly TLD's.     (This "block all uncategorized" advice strongly advocated by a couple of incident responders from a rather well known vulnerability scanning vendor giving a talk at a local security conference last week ... which smacked of "I've never actually attempted any of the advice I'm espousing," but I'd like to verify that with you fellow proxy admins)


      Why I ask:

      With yet another Flash 0 day in the wild that Adobe will be taking some time to fix [ Microsoft and Adobe warn of separate zero-day vulnerabilities under attack | Ars Technica ] and given that Flash appears to be finally moving into the autumn of its relevance  [ Firefox 53 will ditch support for plug-in Flash New Firefox versions will make you activate all new add-ons – except one hacker favourite • The Register ]   ....    I'm wondering if it's becoming plausible to block Flash at the gateway except for sites that require it and have a business need.  I know off hand a learning management system site we work with would need to be on that whitelist while we flog them to embrace html5.


      Thanks so much for any insight or shared experience.