FlashKiller.ps1

<#PSScriptInfo
.VERSION 1.0
.GUID d3aa9909-cd37-4154-81d2-7e6ef3c776ce
.AUTHOR Colin Cogle
.COPYRIGHT (c) 2020 Colin Cogle. All rights reserved.
.TAGS Adobe, Flash, Player, swf, killer, KB4577586
.LICENSEURI https://www.gnu.org/licenses/agpl-3.0.en.html
.PROJECTURI https://gist.github.com/rhymeswithmogul/1346f32de625962b17adc713d0ac350c
#>


<#
.SYNOPSIS
Permanently remove support for Adobe Flash Player from Windows.
 
.DESCRIPTION
This script downloads and installs the official Microsoft update (KB4577586) that permanently removes and blocks the Microsoft-provided copy of Adobe Flash Player on this computer. Once this update has been installed, it cannot be uninstalled! To undo it, you will need to restore this computer via System Restore or from backup.
 
.PARAMETER Force
Bypass the big, in-your-face warning and just install the update. This overrides -Confirm.
 
.INPUTS
This script takes no input.
 
.OUTPUTS
This script sends no output, only human-readable text.
 
.EXAMPLE
PS> .\FlashKiller.ps1
 
Downloads and (after asking the user) installs KB4577586.
 
.EXAMPLE
PS> .\FlashKiller.ps1 -Force
 
Downloads and installs KB4577586 with no warning or confirmation. Be very sure that you want to do this.
#>


#Requires -Version 5.0
# Script-level parameter block.
# SupportsShouldProcess adds the common -WhatIf and -Confirm switches and makes
# $PSCmdlet.ShouldProcess() available to the script body. ConfirmImpact='High'
# means that, with the default $ConfirmPreference, ShouldProcess() prompts the
# user unless told otherwise.
# NOTE(review): OutputType is declared as 'void', yet the body emits status
# strings through Write-Output; callers that capture the output will receive
# those strings.
[CmdletBinding(SupportsShouldProcess, ConfirmImpact='High')]
[OutputType('void')]
Param(
    # When set, the installation proceeds without calling ShouldProcess(),
    # so neither the confirmation prompt nor -WhatIf stops it.
    [Switch] $Force
)

# These update URLs have been taken from the Microsoft Update Catalog.
# Microsoft provided non-secured HTTP URLs, and I've not modified them,
# as trying HTTPS results in a certificate error.
#
# Because the transport is plain HTTP, nothing on the wire authenticates the
# payload. Each file name ends in a 40-hex-digit token which, by the Update
# Catalog's naming convention, is the SHA-1 digest of the package; whatever
# downloads one of these files should compare that digest with the bytes it
# received before handing the file to an installer.
#
# Layout: processor architecture (as reported by PROCESSOR_ARCHITECTURE) ->
# ReleaseId wildcard pattern -> download URL. The inner keys are compared with
# -Like further down, so '190?' and '20??' each cover several releases.
$Win10Updates = @{
    'AMD64' = @{
        '1507' = 'http://download.windowsupdate.com/c/msdownload/update/software/updt/2020/10/windows10.0-kb4577586-x64_a0ff1622de1e30a2400d56903161a3c0757c29d1.msu'
        '1607' = 'http://download.windowsupdate.com/c/msdownload/update/software/updt/2020/10/windows10.0-kb4577586-x64_809b9640d04c5af4c7e78499052abaa936cb670a.msu'
        '1703' = 'http://download.windowsupdate.com/c/msdownload/update/software/updt/2020/10/windows10.0-kb4577586-x64_84ef2e9e7eb6bd2a3cfa5a8aef59adccab988e7d.msu'
        '1709' = 'http://download.windowsupdate.com/d/msdownload/update/software/updt/2020/10/windows10.0-kb4577586-x64_e0921a984710c3992b68e570115b29b9e8e5c708.msu'
        '1803' = 'http://download.windowsupdate.com/c/msdownload/update/software/updt/2020/10/windows10.0-kb4577586-x64_07eba1db5a2cfac83683bd43d727a3195a94b39b.msu'
        '1809' = 'http://download.windowsupdate.com/c/msdownload/update/software/updt/2020/10/windows10.0-kb4577586-x64_d0f434327db9e3308b86591c248c825c03687632.msu'
        '190?' = 'http://download.windowsupdate.com/c/msdownload/update/software/updt/2020/10/windows10.0-kb4577586-x64_ec16e118cd8b99df185402c7a0c65a31e031a6f0.msu'
        '20??' = 'http://download.windowsupdate.com/c/msdownload/update/software/updt/2020/10/windows10.0-kb4577586-x64_c9bb49df325c20ddc147137b3f769fa44d800dde.msu'
    }

    'x86' = @{
        '1507' = 'http://download.windowsupdate.com/d/msdownload/update/software/updt/2020/10/windows10.0-kb4577586-x86_cc1837e27113e5444e025cf2dc2e2ed556ba77f9.msu'
        '1607' = 'http://download.windowsupdate.com/d/msdownload/update/software/updt/2020/10/windows10.0-kb4577586-x86_97a4f342e91e40b921727a8b944a29f7155f3ca1.msu'
        '1703' = 'http://download.windowsupdate.com/d/msdownload/update/software/updt/2020/10/windows10.0-kb4577586-x86_9a3ade6ec24a2627276cbd7df0b39ece8ffee269.msu'
        '1803' = 'http://download.windowsupdate.com/d/msdownload/update/software/updt/2020/10/windows10.0-kb4577586-x86_b737ffa841d2aab5cbf5e00560b93577a6d0b4d2.msu'
        '1809' = 'http://download.windowsupdate.com/d/msdownload/update/software/updt/2020/10/windows10.0-kb4577586-x86_947f151a8bb5a0b0797702e53431c52d56c02c32.msu'
        '190?' = 'http://download.windowsupdate.com/c/msdownload/update/software/updt/2020/10/windows10.0-kb4577586-x86_002b1ffa7fb31836aeaed74007a6949d31a96460.msu'
        '20??' = 'http://download.windowsupdate.com/d/msdownload/update/software/updt/2020/10/windows10.0-kb4577586-x86_238da6b730a3f6a709f31980b87e2d8ecb0a8973.msu'
    }

    'ARM64' = @{
        '1709' = 'http://download.windowsupdate.com/d/msdownload/update/software/updt/2020/10/windows10.0-kb4577586-arm64_81d999c5c09cfd4e914cfaaa6f3c80b8ec911a84.msu'
        '1803' = 'http://download.windowsupdate.com/d/msdownload/update/software/updt/2020/10/windows10.0-kb4577586-arm64_e6c65b35f640b4541a674b77b064c1e4d066e52d.msu'
        '1809' = 'http://download.windowsupdate.com/c/msdownload/update/software/updt/2020/10/windows10.0-kb4577586-arm64_9b954e1ca43f467e324283b8be5e5a8ab929e5a4.msu'
        '190?' = 'http://download.windowsupdate.com/d/msdownload/update/software/updt/2020/10/windows10.0-kb4577586-arm64_cacff17e2776c6ade22df2533a674b0b68f13bc1.msu'
        '20??' = 'http://download.windowsupdate.com/c/msdownload/update/software/updt/2020/10/windows10.0-kb4577586-arm64_935f62c2ac5987ceda52ca0358664f5b6be381d8.msu'
    }
}

# Yes, Windows 8 and Server 2012, and Windows 8.1 and Server 2012 R2, have the same update URLs.
# That is not a typo. That is perfectly normal, as they share codebases.
#
# Layout: processor architecture -> product-name fragment -> download URL.
# The inner keys are tested against the registry's ProductName with -Match
# further down, so they behave as regular expressions: 'Server 2012' also
# matches a 'Server 2012 R2' product name, and the '.' in 'Windows 8.1' matches
# any character. A Hashtable does not guarantee enumeration order, so the
# lookup has to prefer the most specific (longest) matching key.
#
# As with the Windows 10 table, these are plain-HTTP URLs; the 40-hex-digit
# token that ends each file name is, by the Update Catalog's naming
# convention, the SHA-1 digest of the package and should be checked against
# the downloaded bytes before installation.
$OtherUpdates = @{
    'AMD64' = @{
        'Windows Embedded 8' = 'http://download.windowsupdate.com/c/msdownload/update/software/updt/2020/10/windows8-rt-kb4577586-x64_3dde08cdb47cb317ba47a9181fceee09951c614c.msu'
        'Server 2012'        = 'http://download.windowsupdate.com/c/msdownload/update/software/updt/2020/10/windows8-rt-kb4577586-x64_3dde08cdb47cb317ba47a9181fceee09951c614c.msu'
        'Windows 8.1'        = 'http://download.windowsupdate.com/d/msdownload/update/software/updt/2020/10/windows8.1-kb4577586-x64_1c039dbdafaf12e9163e8d56cf578cc998306ecd.msu'
        'Server 2012 R2'     = 'http://download.windowsupdate.com/d/msdownload/update/software/updt/2020/10/windows8.1-kb4577586-x64_1c039dbdafaf12e9163e8d56cf578cc998306ecd.msu'
        'Server 2016'        = 'http://download.windowsupdate.com/c/msdownload/update/software/updt/2020/10/windows10.0-kb4577586-x64_809b9640d04c5af4c7e78499052abaa936cb670a.msu'
        'Server 2019'        = 'http://download.windowsupdate.com/c/msdownload/update/software/updt/2020/10/windows10.0-kb4577586-x64_d0f434327db9e3308b86591c248c825c03687632.msu'
    }

    'x86' = @{
        'Windows Embedded 8' = 'http://download.windowsupdate.com/c/msdownload/update/software/updt/2020/10/windows8-rt-kb4577586-x86_2c105da7125b3d7a33edc8fd07c322261625bd3c.msu'
        'Windows 8.1'        = 'http://download.windowsupdate.com/d/msdownload/update/software/updt/2020/10/windows8.1-kb4577586-x86_d81dcb42a9b91d279c0b7510669bc0d556288fd3.msu'
    }
}

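# Main flow: skip if KB4577586 is already present; otherwise pick the update
# that matches this OS and architecture, download it, verify it, ask the user
# (unless -Force), and install it with wusa.exe.
#
# Changes from the original flow:
#   * the downloaded package is checked against the SHA-1 digest embedded in
#     its URL before it is installed (the download is plain HTTP);
#   * a 32-bit PowerShell host on 64-bit Windows no longer selects the x86 package;
#   * 'Server 2012' can no longer shadow 'Server 2012 R2' during name matching;
#   * the temporary path is quoted for wusa.exe, and wusa.exe's exit code
#     decides whether success is reported;
#   * the temporary file is removed on every exit path.

# Make sure we don't already have the update.
If (Get-Hotfix -Id 'KB4577586' -ErrorAction SilentlyContinue) {
    Write-Output  'SUCCESS: KB4577586 is already installed on this device.'
    Write-Verbose 'This system has not been modified.'
    Return
}

# If it's missing, let's figure out what operating system we have.
# This can be read from the registry.
Else {
    $CurrentWindowsVersion = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion' -ErrorAction Stop

    # A 32-bit (WOW64) process sees PROCESSOR_ARCHITECTURE=x86 even on 64-bit
    # Windows; the native architecture is then in PROCESSOR_ARCHITEW6432.
    $Architecture = $env:PROCESSOR_ARCHITECTURE
    If ($env:PROCESSOR_ARCHITEW6432) {
        $Architecture = $env:PROCESSOR_ARCHITEW6432
    }
    Write-Verbose "We are running on the ${Architecture} architecture."
    Write-Verbose "The current operating system is $($CurrentWindowsVersion.ProductName)."

    $Uri = $null
    If ($CurrentWindowsVersion.ProductName -CLike 'Windows 10*' -or $CurrentWindowsVersion.ProductName -Like 'Windows Server, version*') {
        ForEach ($Version in $Win10Updates.$Architecture.Keys) {
            # Almost every version of Windows 10 has its own update.
            # Check the registry to find out the version number.
            Write-Debug "Does our Windows 10 version ($($CurrentWindowsVersion.ReleaseId)) -Match `"$Version`"?"
            If ($CurrentWindowsVersion.ReleaseId -Like $Version) {
                $Uri = $Win10Updates.$Architecture.Item($Version)
                Break
            }
        }
    }
    Else {
        # Older versions of Windows have one single update, making things easier.
        # Hashtable enumeration order is not guaranteed, and 'Server 2012' is a
        # substring of 'Server 2012 R2', so try the longest names first. The
        # names are literals, so escape them before using them as a regex.
        $OSNames = @($OtherUpdates.$Architecture.Keys | Sort-Object -Property Length -Descending)
        ForEach ($OSName in $OSNames) {
            Write-Debug "Are we running ${OSName}? (Answer = $($CurrentWindowsVersion.ProductName))"
            If ($CurrentWindowsVersion.ProductName -Match [regex]::Escape($OSName)) {
                $Uri = $OtherUpdates.$Architecture.Item($OSName)
                Break
            }
        }
    }

    If ($null -eq $Uri) {
        Write-Warning 'KB4577586 is not available for this device and operating system.'
        Return
    }
    Else {
        Write-Verbose 'Allocating a temporary file.'
        $temp = New-TemporaryFile -WhatIf:$false

        Try {
            Write-Verbose 'Downloading update from the Microsoft Update Catalog.'
            # -ErrorAction Stop: a failed download must not fall through to the installer.
            Invoke-WebRequest -Uri $Uri -OutFile $temp.FullName -UseBasicParsing -ErrorAction Stop | Out-Null

            # The download travels over plain HTTP, so check the payload before
            # it is handed to an installer. Update Catalog file names end in the
            # package's SHA-1 digest; compare it with what actually arrived.
            # This catches a payload that was corrupted or replaced in transit;
            # it cannot vouch for the catalog entry itself.
            If ($Uri -NotMatch '_(?<sha1>[0-9a-f]{40})\.msu$') {
                Write-Error "Cannot determine the expected SHA-1 digest from $Uri; refusing to install an unverified package."
                Return
            }
            $ExpectedHash = $Matches['sha1']
            $ActualHash   = (Get-FileHash -LiteralPath $temp.FullName -Algorithm SHA1).Hash
            Write-Verbose "Expected SHA-1 $ExpectedHash, downloaded file has $ActualHash."
            If ($ActualHash -ne $ExpectedHash) {
                Write-Error "The downloaded file does not match the expected SHA-1 digest ($ExpectedHash). This system has not been modified."
                Return
            }

            # The user will get one final warning.
            $warning = "Do you wish to install KB4577586, the optional `"Update for Removal of Adobe Flash Player`", from the computer ${env:ComputerName}? This will remove and block the Microsoft-provided copy of Adobe Flash Player from ever running on this computer. Once this permanent update is installed, it CANNOT BE REMOVED. To regain support for Flash Player, you will need to run System Restore or restore from backup.`n`n"

            If ($Force -or $PSCmdlet.ShouldProcess($env:ComputerName, 'Permanently remove and block Flash Player', $warning)) {
                Write-Verbose 'Calling wusa.exe to install this patch.'
                # Resolve the system directory instead of assuming drive C:, and
                # quote the package path: Start-Process joins -ArgumentList with
                # spaces, so an unquoted temp path containing a space would be split.
                # NOTE(review): the package keeps New-TemporaryFile's .tmp
                # extension - confirm wusa.exe accepts a non-.msu file name.
                $Wusa      = Join-Path -Path ([Environment]::GetFolderPath('System')) -ChildPath 'wusa.exe'
                $Installer = Start-Process -FilePath $Wusa -ArgumentList @("`"$($temp.FullName)`"", '/quiet', '/norestart') -Wait -PassThru

                # 0 = success; 3010 = success, restart required.
                If ($Installer.ExitCode -eq 0 -or $Installer.ExitCode -eq 3010) {
                    Write-Output 'SUCCESS: KB4577586 has been installed successfully.'
                    If ($Installer.ExitCode -eq 3010) {
                        Write-Warning 'A restart is required to finish installing KB4577586.'
                    }
                }
                Else {
                    Write-Error "wusa.exe exited with code $($Installer.ExitCode); KB4577586 was not installed."
                }
            }
            Else {
                Write-Output 'This system has not been modified.'
            }
        }
        Finally {
            # Runs on success, on every early Return above, and on errors.
            Write-Verbose 'Deleting our temporary file.'
            Remove-Item -Path ($temp.FullName) -Force -ErrorAction SilentlyContinue -WhatIf:$false
        }
    }
}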