Windows 8 currently at risk with older Flash build

If you are one of the few people who are currently running the RTM build of Windows 8, you might think you would be all set in terms of being protected by bugs or exploits compared to the pre-release versions. That turns out to be not the case.

ZDNet.com reports that the RTM version does not have the latest version of Adobe's Flash player. Microsoft and Adobe made a big deal about the fact that Windows 8 has Flash support built into the OS and in Internet Explorer 10, without the need to download a web browser plug-in.

However, Adobe recently updated Flash to fix some security holes. That new version is not yet available for Windows 8 RTM users. When contacted, a spokesperson from Microsoft said:

Security is of course important to us, and we are working directly with Adobe to ensure that Windows 8 customers stay secure. We will update Flash in Windows 8 via Windows Update as needed. The current version of Flash in the Windows 8 RTM build does not have the latest fix, but we will have a security update coming through Windows Update in the GA timeframe.

That "GA timeframe" means on or about October 26th, which is still several weeks away. It's unknown why Microsoft would not allow a more timely update for Flash in Windows 8 for those users who have already bought legitimate copies of the RTM build.

Source: ZDNet.com | Image via Adobe

Report a problem with article
Previous Story

New Amazon Kindle eReaders officially announced

Next Story

New Kindle Fire tablets officially announced

65 Comments

Commenting is disabled on this article.

ArialBlue said,
Flash works just fine with IE10. Not sure what is up with all the "flash is buggy" comments. Rock stable here.


Same, even less hickups then on IE9.
But people slander and flame just cause they can And hating Adobe is really cool nowadays

Shadowzz said,
Damn, you need 3 things, I just need IE9/10 and enable tracking protection to achieve the same

True, but by using a third party sandbox you can use whatever browser you want (and get better a better adblocker in the process), never mind having the ability to sandbox anything, not just Flash.. significantly more secure.

I don't have computer running Windows 8, but I wonder if it is possible to disable Flash player in IE 10 (it is possible in IE 9 by going to Options, Manage add-ons, highlight Flash player and click Disable)?

alxtsg said,
I don't have computer running Windows 8, but I wonder if it is possible to disable Flash player in IE 10 (it is possible in IE 9 by going to Options, Manage add-ons, highlight Flash player and click Disable)?

Yes, but most everything will stop working. Youtube does NOT have h264/html5 support still for some of its videos. And forget about watching porn on your computer ever again.

ArialBlue said,

And forget about watching porn on your computer ever again.

You must not have an iPad. Not that I've ever visited such a site... but I've heard from someone I know that some of the biggest porn tubes do support HTML5 video.

thomastmc said,

You must not have an iPad. Not that I've ever visited such a site... but I've heard from someone I know that some of the biggest porn tubes do support HTML5 video.


Sure you havent, geesh man why you ashamed we all go there.

and indeed, several sites offer a mobile h.256 stream version.

Why is anyone still using Flash? Because of incompetent and/or lazy web developers not implementing HTML5.

It was obvious two years ago that Flash was obsolete, yet many haven't quit using Flash, or even worse, have continued to use Flash as a component in new projects.

That must really suck, to have gone to school, paid lots of money, and spent lots of time to learn a technology that has become unusable and irrelevant, but that's the way technology goes. You have to stay current and be ready to drop what you've learned before and acquire new skills.

There is no Flash on iOS or Android 4.1 "Jelly Bean". It has limited support on Windows RT.

Flash is dead. A chicken with it's head cut off still runs around in circles, but that doesn't mean it's going anywhere.

thomastmc said,
Why is anyone still using Flash? Because of incompetent and/or lazy web developers not implementing HTML5.

It was obvious two years ago that Flash was obsolete, yet many haven't quit using Flash, or even worse, have continued to use Flash as a component in new projects.

That must really suck, to have gone to school, paid lots of money, and spent lots of time to learn a technology that has become unusable and irrelevant, but that's the way technology goes. You have to stay current and be ready to drop what you've learned before and acquire new skills.

There is no Flash on iOS or Android 4.1 "Jelly Bean". It has limited support on Windows RT.

Flash is dead. A chicken with it's head cut off still runs around in circles, but that doesn't mean it's going anywhere.

Yeah screw you lazy web devs, you should just go back to all your clients and tell them that you NEED to update that bit of flash on their websites because you say so and HTML 5 is better. Then, you lazy feckers, you need to just do the work anyway when the client tells you to stick your fee up your ass for the job you are coming back to them about saying how new stuff is better.

God dam sick of lazy people, when new stuff comes out they need to accept that all past work needs to be updated ASAP and for free! God dam lazy arse holes!

duddit2 said,

Yeah screw you lazy web devs, you should just go back to all your clients and tell them that you NEED to update that bit of flash on their websites because you say so and HTML 5 is better. Then, you lazy feckers, you need to just do the work anyway when the client tells you to stick your fee up your ass for the job you are coming back to them about saying how new stuff is better.

Clients don't care about Flash or HTML5, they want a website that is secure, compatible, stable, and fast. It's up to web developers to use their best judgment on how to implement that. Flash isn't winning the security, compatibility or stability aspects of those needs. As for fast, that depends on your browser, OS, and hardware.

thomastmc said,

Clients don't care about Flash or HTML5, they want a website that is secure, compatible, stable, and fast. It's up to web developers to use their best judgment on how to implement that.


For me, HTML 5 is slower to load. Flash, in change loads quickly and has the nice touch that there is no need to re-encode for Firefox and Opera (they do not support .h264).
Furthermore, HTML5 varies (almost radically) from browser to browser. There are tags which Opera, and Chrome support, that IE (10) and Firefox do not.

So, until HTML 5 does not become a proper standard, I can't see this happening

Jose_49 said,

For me, HTML 5 is slower to load. Flash, in change loads quickly and has the nice touch that there is no need to re-encode for Firefox and Opera (they do not support .h264).

As I said, fast is relative to your browser, OS, and hardware. Firefox will always require Flash for most video on the internet, and will always require special code and fallbacks to Flash. All of the other top browsers support h.264 in HTML5.

When is supporting Firefox more important than supporting iOS, Android 4.1, Windows Phone 8, and Windows RT?

Jose_49 said,

Furthermore, HTML5 varies (almost radically) from browser to browser. There are tags which Opera, and Chrome support, that IE (10) and Firefox do not.

So, until HTML 5 does not become a proper standard, I can't see this happening

When has there ever not been varying implementations of W3C standards? HTML5 media is one of the least varied implementations of WC3 standards to date across all of the major browsers.

There is a good discussion about the irrelevance of Flash, and relevance of HTML5 here: http://www.linkedin.com/groupI...b-cmn&goback=.gmp_95409

thomastmc said,

Clients don't care about Flash or HTML5, they want a website that is secure, compatible, stable, and fast.

Unless they do. And you can't tell a serious client that it doesn't work on their old platforms, but otherwise it's arguably fast, arguably secure and arguably whatnot.

Phouchg said,

Unless they do. And you can't tell a serious client that it doesn't work on their old platforms, but otherwise it's arguably fast, arguably secure and arguably whatnot.

They don't care. What they care about is that you deliver those four things I mentioned, security, compatibility, stability, and performance. If you can do that better than someone else, that's why you get the contract.

You walk into the room with a client and push Flash as this great thing that's ubiquitous and will be around through the lifecycle of your product...

...and then I walk in and show them this blog post from Adobe: http://blogs.adobe.com/convers...ns/2011/11/flash-focus.html

...and this article from CBS: http://www.cbsnews.com/2100-205_162-20091788.html

And then I tell them that I will use, not an obsolete technology as admitted by the company who develops it, but the same technology that Adobe is focusing on instead of Flash because it's simply better suited.

Also, you never tell the client that their site won't work on anything. You make it work on everything in the best possible way you can.

You don't have to have an all or nothing approach. You simply have to provide Flash fallbacks for legacy users. There are dozens of HTML5 media players out there to incorporate into your site, many of which fallback to Flash for legacy users nicely.

thomastmc said,

Clients don't care about Flash or HTML5, they want a website that is secure, compatible, stable, and fast. It's up to web developers to use their best judgment on how to implement that. Flash isn't winning the security, compatibility or stability aspects of those needs. As for fast, that depends on your browser, OS, and hardware.


How is Chrome's HTML5 implementation a security increase? It gives 'the internet' direct access to your GPU hardware.......
And stability, I keep trying chrome every few months, and its the ONLY freaking browser that has allot of stability issues among its tabs.. Busy with something and BWAM all of a sudden 5 out of my 9 tabs are ... gone, broken 'oops sorry went wrong here' even on tabs where there is 0 flash to be found.

Haven't really had flash die on my recent years, then again I try and stick with the 64bit version ever since their 64bit beta and my main browsers are IE and FF.

Good thing you can vouch for all people's clients. Walk in a room like a baws, show blog-schmog posts and loudmouth about new tech - to what kind of client you can do that? Must be an amazing land.

This side of the keyboard corporate guys talk to random consultants who then outsource to our project manager to tell us what it will have to do, set the budget and set precise time constraints. And then it has to be done. Unless you're doing a blog or some other social shyte, there is no room for idealized things, fallbacks and creativity - internal systems are as rugged as possible.

Case in point - a retailer we were delivering new hardware to had a barcode reader module in Flash, yes, which our other division at the time had to upgrade to work with new serial number databases of a number of wholesalers and still handle old records in CSV flat files, now with multiple users at any given time. Time - four weeks strict. No time for rewrite, no time for anything, just take double coffee, Flash and get it done. There is a big corporate part where one just can't bullsht HTML5 into everything.

If there is Flash somewhere, nobody says - wow, what a great idea! But it damn well stays there.

Oh well, they were still running XP, anyway...

Phouchg said,
Good thing you can vouch for all people's clients. Walk in a room like a baws, show blog-schmog posts and loudmouth about new tech - to what kind of client you can do that? Must be an amazing land.

This side of the keyboard corporate guys talk to random consultants who then outsource to our project manager to tell us what it will have to do, set the budget and set precise time constraints. And then it has to be done. Unless you're doing a blog or some other social shyte, there is no room for idealized things, fallbacks and creativity - internal systems are as rugged as possible.

Case in point - a retailer we were delivering new hardware to had a barcode reader module in Flash, yes, which our other division at the time had to upgrade to work with new serial number databases of a number of wholesalers and still handle old records in CSV flat files, now with multiple users at any given time. Time - four weeks strict. No time for rewrite, no time for anything, just take double coffee, Flash and get it done. There is a big corporate part where one just can't bullsht HTML5 into everything.

I can only vouch for what my experience is. And yes, my experience is that clients don't want to hear about how cool the latest technology is or how bad the old technology is, but rather how you will deliver the most secure, compatible, stable, and best performing website.

Be clear, we're not talking about barcode readers, or custom business applications used in house or in retail operations. We're talking about websites. The main use for Flash in websites is for navigation and media.

Also be clear, that blog-schmog post from Adobe, the maker of Flash, is telling businesses and developers in no uncertain terms that they themselves are abandoning their own product for HTML5.

HTML5 is not something new. It didn't just happen this year, or last year. Apple's mobile products have been depending solely on HTML5 for several years now.

Some loudmouth must have walked into Steve Jobs office and "tricked" him into using something unfit for real world use. Did he make a blunder, or has the iPhone and iPad been a success without Flash?

Get used to HTML5. It is a requirement for every mobile device from now on, iOS, Android 4.1, Windows Phone 8, and Windows RT. If you feel comfortable ignoring mobile, stick with Flash.

snorge said,
If you use google chrome doesn't it have it's own flash player that auto updates?

Yes. The Chrome flash player is a different version than the IE10 flash player, and gets updated as needed whenever a new build of Chrome is released since it's built into the browser.

thomastmc said,

Yes. The Chrome flash player is a different version than the IE10 flash player, and gets updated as needed whenever a new build of Chrome is released since it's built into the browser.


Updating flash via chrome is the way adobe/ms should do.

soldier1st said,

Updating flash via chrome is the way adobe/ms should do.

Abandoning Flash like Apple and Android 4.1 is what MS should do.

thomastmc said,

Abandoning Flash like Apple and Android 4.1 is what MS should do.


MS is a strong protector of backwards compatibility.
Google and Apple arent.

But I like MS for being so strong on backwards compatibilities!

Provide an alternative that is not buggy (as far as support and compatibility goes) and doesn't have security issues, then we'll talk about one or another thing going away.

Phouchg said,
Provide an alternative that is not buggy (as far as support and compatibility goes) and doesn't have security issues, then we'll talk about one or another thing going away.

Or better yet, Don't bundle flash, but rather, give us the option, and please, they should release an update quicker than that. HTML5 is an alternative but it is still young.

Flash is so buggy and has security issues. I wish it would go away. The only time my browser ever locks up or crashes is due to flash.

BillyJack said,
Flash is so buggy and has security issues. I wish it would go away. The only time my browser ever locks up or crashes is due to flash.

Java/Shockwave or anything popular will always have security issues. Well that ain't exactly true. Software made by us fleshlings will always have issues, especially security. It gets popular and bam it has more security issues.

BillyJack said,
Flash is so buggy and has security issues. I wish it would go away. The only time my browser ever locks up or crashes is due to flash.

Chrome?
Only browser where my flash still dies, is Chrome... Havent had flash crashes for a long time on IE and FF.

Shadowzz said,

Chrome?
Only browser where my flash still dies, is Chrome... Havent had flash crashes for a long time on IE and FF.

Flash crashes for me in Firefox. It never use to do that but now it crashes and freezes a lot and I have to kill FF. I have not used flash in IE in a long time.

b0r1s said,
who cares, I am using Windows 7 and will wait Windows 9

there's always someone who has to point out that he's sticking with Win7 and will go with Win9.
i'm afraid to tell you bob, but Win9 will also have metro and even moreso then Win8.

Although flash player is sandboxed in IE since ie7/vista, the sandbox has been improved in ie10 (and is much more secure than chrome's sandbox).
However it is only enabled for ie/metro by default. IE/desktop still runs in the classic vista sandbox.

If you want to learn more about it and how to enable the new sandbox on ie10 desktop to protect against potential flash or IE exploits:
http://www.julien-manici.com/b...d-protected-mode-windows-8/

.Neo said,
This is exactly why Apple stopped including Flash with OS X.

Because Steve Jobs had had a pre-death vision and foreseen that Flash would eventually be embedded into Windows 8? This is why he decided to stop including it in OSX? As his final attempt to say "**** you" to Microsoft and not supporting Adobe?

StevenJ said,
Because Steve Jobs had had a pre-death vision and foreseen that Flash would eventually be embedded into Windows 8? This is why he decided to stop including it in OSX? As his final attempt to say "**** you" to Microsoft and not supporting Adobe?

... what?

Probably more likely due to Flash having an abysmal track record at security and stability and it sorely needs to be replaced, and frankly it's a good idea on Apple's part. Personally wouldn't mind MS calling IE10 the last version to support it.

StevenJ said,
Because Steve Jobs had had a pre-death vision and foreseen that Flash would eventually be embedded into Windows 8? This is why he decided to stop including it in OSX? As his final attempt to say "**** you" to Microsoft and not supporting Adobe?

What have you been smoking?

Flash has a terrible reputation as far as security goes. Updates had to distributed Adobe > Apple > End-user. Which is always going to take longer than Adobe > End-users. Not to mention the fact it isn't either Apple or Microsoft job to distribute third-party internet plugins to begin with.

.Neo said,

What have you been smoking?

Flash has a terrible reputation as far as security goes. Updates had to distributed Adobe > Apple > End-user. Which is always going to take longer than Adobe > End-users. Not to mention the fact it isn't either Apple or Microsoft job to distribute third-party internet plugins to begin with.

Your comment makes no sense. This article is not in regards to Flash, which has already been patched: it is in regards to Windows 8 and the delays in patching pre-"official" release.

Using your logic, Apple should also stop suppoting PDFs too (which have already been exploited on their operating systems).

StevenJ said,
Your comment makes no sense. This article is not in regards to Flash, which has already been patched: it is in regards to Windows 8 and the delays in patching pre-"official" release.

It takes longer for various reasons to bring updates to the end-user when updates have to go through a second party instead of just coming directly from Adobe. If Microsoft wasn't involved Windows 8 users could have just updated to the latest version and this issue wouldn't exist.

StevenJ said,
Using your logic, Apple should also stop suppoting PDFs too (which have already been exploited on their operating systems).

PDF support in OS X doesn't come from some installed Adobe plugin...

.Neo said,

It takes longer for various reasons to bring updates to the end-user when updates have to go through a second party instead of just coming directly from Adobe. If Microsoft wasn't involved Windows 8 users could have just updated to the latest version and this issue wouldn't exist.


PDF support in OS X doesn't come from some installed Adobe plugin...


The thing is, Flash runs in a sandbox they would have the control and functionality over if MS would let Adobe take care of this.

Exploit or not, want to be save, use IE10metro or enhanced protection mode. On both this exploit wont do anything.

.Neo said,

It takes longer for various reasons to bring updates to the end-user when updates have to go through a second party instead of just coming directly from Adobe. If Microsoft wasn't involved Windows 8 users could have just updated to the latest version and this issue wouldn't exist.


PDF support in OS X doesn't come from some installed Adobe plugin...

Microsoft can flip out an update rather quickly when it is urgent. The latest round of exploits are NOT an issue with the sandboxing and defender safeguards in IE10 and Windows 8.

PDF support in OS X....

Wow, you have not a clue here, as the 'Flash' in Windows 8, is actually being done by Microsoft, because it is baked into the WinRT IE10 engine.

Additionally, do you really think that because the Display Postscript and Display PDF technologies in OS X are coded by Apple that they are more secure than the Adobe variations? This is where OS X can be slapped around, not only for the security issues in the Aqua environment that are based on their Display Postscript/PDF code, but also is a huge failing in accurate PDF reproduction, due to the lack of functionality Apple implements from the specification.

Apple used the Display Postscript/PDF technology for 'compatibility' and seamless reproduction, and then fails to maintain even marginal compatibility with the specification and has 'retarded' the progression of the technology, because Adobe level PDF content fails to work on OS X unless the freaking content is fully rasterized and color matching is moved to a lower quality bit depth.

Mentioning that PDF support on OS X is all Apples, should be the LAST thing a Mac fan would EVER want to do.

Apple and OS X's PDF support is WHY XPS/XAML exists, and still is the leading technology for consistent vector reproduction.

PDF has only survived in two forms basic forms, simplistic text and shapes, or rasterizing output as TIFFs compressed and shoved in a PDF container, because PDF itself would mangle and destroy output consistency in trying to keep true vector format. Even AI has to use an auxiliary format because of the bastardization and lack of advancement of PDF and OS X's influence.

(There are many reason's Adobe has hated Apple for years, not just because Macs were so much slower than Windows PCs, and Adobe had to stop recommending them back in the throws the OS X G5 era.)

Chris123NT said,
This no updates until GA stance is kind of stupid.

Except, that's not what it says. I believe it actually implies sometime between now and GA.

Kirkburn said,

Except, that's not what it says. I believe it actually implies sometime between now and GA.

Actually it says, 'in the GA timeframe' which means around General Availability. That doesn't give any indication of before or after for sure. It means just around that time somewhere.

Chris123NT said,
This no updates until GA stance is kind of stupid.

"we will have a security update coming through Windows Update in the GA timeframe."

That means between now and October 26th.

That doesn't mean "no update until Oct 26th."

furthermore, exploits against flash for win7 won't be binary compatible with win8 because there are several new memory protections features in win8.

IE10 also has a new sandbox (enhanced protected mode) which should efficiently protect against flash exploits (a malware could not get read/write access to the filesystem).

It is enabled by default on IE/metro and can be enabled on ie/desktop in advanced properties, security.

Shane Nokes said,

It doesn't say before the GA timeframe, it says IN the GA timeframe.

You do realize that since it was released via MSDN/Technet and especially OEM and VL, we are IN THE GA timeframe NOW?

So you can poke around semantics of the wording, but that does not change the that GA is here, which is why they do say "IN" the GA Timeframe.

It would be impossible to release it before GA without a time machine, as it has dropped to OEMs and VL customers, making now GA.

(People get caught up in the retail release dates, like this is 1995 and people have to run down to Office Depot to get their copy after waiting in line all night.)

thenetavenger said,

You do realize that since it was released via MSDN/Technet and especially OEM and VL, we are IN THE GA timeframe NOW?...

GA stands for General Availability. That means when it's "generally available" to the public at-large. It will not be until October 26 that any given member of the public can go on Amazon or to their local store and buy a copy. Microsoft will not release downloads they sell until then, etc.

Things like Technet and OEM's are most definitely *not* GA. GA is indeed the retail release for all intents and purposes. Everything in the meantime is so people who need to get ready for GA can generally prepare (like OEM's and IT guys).

Microsoft is not going to obsess over emergency security patches the next couple months, so that there are 30 waiting when things come out to the public. They're going to sit on things and keep it simple with one or two issued relatively last-minute if they can.

Anyway, GA by definition is very much NOT here. This is not poking around semantics, either.

poind said,

GA stands for General Availability. That means when it's "generally available" to the public at-large. It will not be until October 26 that any given member of the public can go on Amazon or to their local store and buy a copy. Microsoft will not release downloads they sell until then, etc.

Things like Technet and OEM's are most definitely *not* GA. GA is indeed the retail release for all intents and purposes. Everything in the meantime is so people who need to get ready for GA can generally prepare (like OEM's and IT guys).

Microsoft is not going to obsess over emergency security patches the next couple months, so that there are 30 waiting when things come out to the public. They're going to sit on things and keep it simple with one or two issued relatively last-minute if they can.

Anyway, GA by definition is very much NOT here. This is not poking around semantics, either.


Bingo! Thank you for posting all that so I didn't have to.

torrentthief said,
this is one of the many reason flash shouldn't have been bundled into windows, that and the flash build in win8 is also buggy.

Agree, if they can't patch quickly, should allow quicker updates or allow alternate install.
Chrome manages to pull this off, it's built in, but pushes updates quickly and frequently.

torrentthief said,
this is one of the many reason flash shouldn't have been bundled into windows, that and the flash build in win8 is also buggy.

IE6, and OSes that shipped with IE6, was bundled with Flash. MS was condemned for it, because it was a security vector. They later removed it, and was condemned because Flash was a defacto standard, and once again MS is not observing standards. Metro was not going to include Flash support, and they were going to cause all those web sites to no longer work, so they add it back in and it is condemned.

Just the usual need to find some reason to complain.

torrentthief said,
this is one of the many reason flash shouldn't have been bundled into windows, that and the flash build in win8 is also buggy.

Actually in practice, I found the Flash build in Windows 8 to be smoother than, say Chrome's bundled Flash plugin. Easiest example: fullscreen transitions in Youtube are smooth in IE10.

torrentthief said,
this is one of the many reason flash shouldn't have been bundled into windows, that and the flash build in win8 is also buggy.
You can probably get rid of it if you want to

torrentthief said,
this is one of the many reason flash shouldn't have been bundled into windows, that and the flash build in win8 is also buggy.

Actually, you are wrong...

This is only about IE, and Flash's integration into IE10.

With the way IE10 runs on Windows 8, it is fully sandboxed, which means the security issues in Flash recently are moot on Windows 8 running inside IE10 on the desktop and especially in the Metro version of IE10.

Flash support for Firefox/Opera/Chrome should be handled by the Browser maker and/or Adobe, those are the ones that should not be bundled with IE or the OS.

Anyone that has followed the Flash vulnerabilities should know that they can not be successfully executed on Windows 8 without a series of protections being disabled by the user, which most users do not even know how.

(Defender, IE10 security/smartscreen, protected mode broker, and the IE sandbox itself in additional to FS read/write privileges, would all have to fail or be purposely disabled and or subjugated. Which would take a power user to make their Windows 8 computer exploitable via Flash.)

testman said,
Does the Adobe download not work with Windows 8?
I tried to download the update on the adobe website, and this shows up on the website:

"This content requires a newer version of the Flash Player. Please download and install the latest version of Flash Player from the Windows Update site before continuing."

testman said,
Does the Adobe download not work with Windows 8?

You can't install any plugins for use with Metro IE, however, Microsoft decided it would be great to bundle a special version of Flash with the Metro IE... sandboxed you say?

sagum said,

You can't install any plugins for use with Metro IE, however, Microsoft decided it would be great to bundle a special version of Flash with the Metro IE... sandboxed you say?

The version of Flash included in Windows 8 (and Windows RT) runs in the sandbox. You can enable the full AppContainer sandbox on desktop IE for x86 machines by checking the "Enable Enhanced Protected Mode" box in Internet Options.

sagum said,

You can't install any plugins for use with Metro IE, however, Microsoft decided it would be great to bundle a special version of Flash with the Metro IE... sandboxed you say?

Yep, which means the security issues in questions are moot for Metro IE.

Even the desktop version of IE is sandboxed and uses brokered access for Flash. So unless you 'disable' Internet Explorer Protected Mode, the security updates are still moot.

(These are the default operation/settings.) There is not even a need to turn on "Enhanced protected mode" that disables third party brokering and disables plugins.)