In a surprising announcement, Microsoft said this week that it will completely reverse its support for Adobe’s Flash technology in Internet Explorer (IE) 10, a decision that affects the “Metro” versions of the browser in Windows 8 and Windows RT, as well as the desktop version of IE. Now, instead of maintaining a white list of trusted Flash sites, Microsoft will provide IE 10 with a black list of untrusted and unsafe Flash sites.
The changes are coming as part of the firm’s regular “Patch Tuesday” set of updates.
“We are updating Internet Explorer 10 in Windows 8 and Windows RT to enable Flash content to run by default,” Microsoft Group Program Manager Rob Mauceri explains in a post to the IEBlog. “On Windows 8, all Flash content continues to be enabled for IE on the desktop.”
Rafael Rivera, my Windows 8 Secrets co-author, and I first wrote about Microsoft’s then-surprising decision to include some Flash support in the Metro version of IE 10 back in May 2012, in "Windows 8 Secrets: Internet Explorer 10 will Ship with Adobe Flash." Microsoft had previously pledged to keep Flash out of the Metro version of the browser and focus instead on HTML 5 video delivery.
Before IE 10, users could add support for Flash to the browser using a plug-in. And although that’s still true for the desktop version of the browser in Windows 8, IE 10 “Metro” is unique in that a subset of Flash is integrated directly into the product. But to protect the battery life, performance, and security of Windows 8 and Windows RT, this Flash version was allowed to access only certain sites via a white list called the Compatibility View list.
Microsoft’s various Flash flip-flops were all well intentioned, but with Windows 8 and Windows RT out in the world now, users often complained about favorite sites not working properly with the Metro version of IE 10. And according to the firm, its overly protective stance is no longer warranted.
“Looking at our engineering experience with Flash and Windows 8 and Windows RT, as developers improve their Flash content, the vast majority of sites with Flash content that we have tested are now compatible with the Windows experience goals,” Mauceri wrote. “Of the thousands of domains tested for Flash compatibility to date, we have found fewer than 4 percent are still incompatible, in the most part because the core site experience requires other ActiveX controls in addition to Flash … With today’s update to Windows 8 and Windows RT, consumers can experience more of the Web by default.”
Microsoft has provided updated guidance for web developers who wish to implement Flash on websites accessed in Windows 8 or Windows RT. This guidance notes that the Compatibility View list has changed to a black list used to block Flash content from executing inside IE 10, and explains the process developers can undergo to request that offending sites be removed from the list.
Related: "How to Fix Windows RT"