In Windows 8 and Windows RT, Microsoft has integrated Flash right into Internet Explorer 10 (IE10). So any Flash update has to be done through Windows Update instead of downloading and installing a patch from Adobe. There’s also another huge difference between the two (Modern-style and desktop) versions of IE10, and that is the Modern-style IE10 relies on an IE Compatibility View (CV) list to determine if it’s safe to display a site’s Flash content. In other words, this CV list acts as a whitelist. And web developers have to fulfil compatibility guidelines and submit their websites for consideration to be included in this list. On the other hand, the desktop version of IE10 on Windows 8 supports Flash fully and other third-party plug-ins. The case is again slightly different on Windows RT: both Modern-style and desktop IE10 have to use the whitelist.
But this is going to change tomorrow. According to a post over at IEBlog, Microsoft will be updating IE10 in Windows 8 and Windows RT to let it run Flash content by default. The change of mind comes after the company realizes that most sites with Flash content are ‘compatible with the Windows experience for touch, performance, and battery life.’ Along with this update, the CV list now becomes a blacklist. Instead of listing sites that are safe, it now lists those that aren’t. Or in Microsoft’s own words, these are sites that are ‘incompatible with the Windows experience for touch or that depend on other plug-ins.’ In fact, of the domains they've tested, Microsoft found fewer than 4% to have compatibility issues.
The table below sums up the difference in approach after and before the update:
|Windows 8 (After Change)||Windows 8 (Before Change)||Windows RT (After Change)||Windows RT (Before Change)|
|Modern IE||Enabled unless on CV list||Disabled unless on CV list||Enabled unless on CV list||Disabled unless on CV list|
|Desktop IE||Enabled for all sites||Enabled for all sites||Enabled unless on CV list||Disabled unless on CV list|
In other words, common sense prevails. After all, with hundreds of millions of websites out there, it’s more practical to use a blacklist than a whitelist.
Source: Microsoft IEBlog.