Feb 122013
 

A recent bug in Google Chrome broke the ability to permanently disable the integrated Pepper Flash Player plugin. Although it can still be disabled by the user during a Chrome session, after Chrome restarts the Pepper plugin is automatically enabled again.

Pepper Flash? This is a sandboxed (i.e. more secure) version of Flash Player and is built into Chrome. It can therefore be updated whenever a new version of Chrome is released so is always current – no need for manual updates which is good for security.

Google stated, when Pepper was first introduced, that it offered “improved security and stability as well as improved performance down the line”. It is particularly important for XP users as Pepper provides them with a sandboxed Flash for the first time – the sandbox used in Adobe’s standalone Flash Player plugin is not available in XP.

So why would anyone want to disable it? Some users find that it causes Flash content (e.g. Facebook games) to crash – one solution to this problem is to disable the Pepper Flash plugin and use Adobe’s standalone Flash Player plugin instead – see how to fix Flash crashes in Chrome.

Whilst disabling the plugin may be less secure (certainly for XP users) it often provides the only solution to such crashes. The current bug is therefore very annoying as it means those users have to manually disable the Pepper Flash plugin every time they start Chrome…

UPDATED 27 March 2013 – Chrome 26 was released yesterday (see new features) and it has fixed this bug – Pepperflash now stays disabled even after restarting Chrome so the fix below should no longer be required.

How To Fix It – ideally, Google will update Chrome to fix this problem but, according to some Chrome forums, that fix may not take effect until Chrome 26 is released around April. Until then, the following workaround will keep Pepper Flash disabled – even after Chrome is closed and re-opened:

1. Open Chrome and type chrome://plugins into the Omnibox (address bar) then press ENTER to display Chrome’s Plug-ins Manager tab.

2. Click on the ‘+ Details’ link (if present) at the top right of the tab to expand the list of all Plugins.

3. Scroll down the list to find the Pepper Flash plugin – within the ‘Adobe Flash Player’ section.

4. Make a note of the Location: of the pepflashplayer.dll file – in our example below it is located in the C:\.…PepperFlash folder but your Location will be different:

chrome6

example Pepper Flash plugin Location

5. Now close Chrome and open Explorer/(My) Computer then navigate to the location (that you noted above) of the pepflashplayer.dll file.

6. Rename this file to oldpepflashplayer.dll

7. Now open Chrome and open the Plug-ins Manager tab again.

8. Click on ‘Disable’ just under the Location: of the PepperFlash plugin to disable it – it will become greyed out.

Crucially, it will now remain disabled – even after you restart Chrome :-)

[Tech note: the logic of this fix is that, because pepflashplayer.dll can’t be found, Chrome does not re-enable it after restarting and 'falls back' to using the next available Flash plugin i.e. the Adobe version.]

Important: unless Google fix this issue, when the next version of Chrome is released you will need to repeat the above process again (to rename the pepflashplayer.dll file in its new location) in order to disable Pepper Flash permanently again.

Conclusion

Whilst it is preferable (for security reasons) to use the integrated Pepper plugin to play Flash content, Chrome users who experience constant Shockwave Flash crashes may need to disable it and use Adobe’s plugin instead.

The above solution works around the current bug in Chrome which prevents the user from keeping Pepper disabled after a restart.

  7 Responses to “Bug In Google Chrome Lets Pepper Flash Player Keep Enabling Itself”

  1. Thank you for posting this. I tried it and hope it works for me.
    Before, showckwave crashes on Chrome on very minimal times only, but these past few weeks, it’s been crashing almost every single minute.
    Thank you once again.

  2. Thank you for this. So far it’s working. Wish that Google would have stuck with the original intent of Chrome – low memory, stability, etc.

    • @Robert – I agree with you on the lightweight principle. I’m torn about Pepperflash though – whilst I would prefer not to have what is essentially a 3rd party plugin integrated into a browser, the added security of this PPAPI plugin does have some merit – at least in principle. In practice though it may not be quite ready for primetime yet as it’s not always stable, for everyone at least.

  3. Thx for this, i was wondering why it wouldn’t stay disabled!

  4. On a Mac, renaming the file did not work – it still found away to re-enable itself! I had to move the whole folder somewhere else – the folder inside the PepperFlash folder. For me the folder was named 11.6.602.167

    Thanks for this – it remains disabled now.

  5. Chrome 26 was released yesterday and it has fixed this bug (for Windows at least, not tested on Mac). Pepperflash now stays disabled even after restarting Chrome so the fix in this article should no longer be required.

    Other new features of Chrome 26 are reviewed here – http://techlogon.com/2013/03/26/chrome-26-released-with-spell-checking-improvements/

  6. thanks to you all about this issue. however, it started today 09/13/2013 every time I started chrome. I contacted norton, who erroniously say only 5 people have this plugin installed.

 Leave a Reply

(required)

(required but will NOT be published)