Mozilla adds every version of Flash to default Firefox blocklist

Posted:
in macOS edited July 2015
Firefox users awoke Tuesday to an update that blocks every version of Adobe's Flash Player from running in the popular open-source browser, a victory for information security efforts following the unprecedented disclosure of numerous critical Flash vulnerabilities.




"All versions of Adobe's Flash Player plugin are currently deactivated by default, until Adobe releases an updated version to address known critical security issues," Mozilla wrote in a support document. Firefox currently accounts for around 16 percent of the worldwide browser market.

Adobe has been forced to grapple with more than two dozen critical Flash Player security flaws this month, including some that weren't discovered until after they were already being actively exploited. The company has pushed four emergency updates since June 9 alone.

Given the scale of the problems, it's not immediately clear when --?or even if -- Flash will be removed from the list.

AppleInsider recommends that Mac users uninstall Flash from their Mac in its entirety and use Google's Chrome browser for any occasional Flash needs that crop up. Failing that, installing the ClickToFlash extension for Safari is a reasonable fallback, and users should always ensure that automatic updates are enabled --?the risk of security failure due to an out-of-date Flash version far outweighs the negligible chance of problems with Adobe's update functionality.
«1

Comments

  • Reply 1 of 38
    razorpitrazorpit Posts: 918member

    Wow, how far we've come since the days of the pundits proclaiming the iPhone was doomed without Flash support.  

  • Reply 2 of 38
    Apple waged a war on flash years ago... They don't go for quick victories, but damn do they win! Lol
  • Reply 3 of 38

    Chrome's vaunted sandboxing of Flash doesn't work, it still gets hacked. And then you get Googs phoning home everything you're doing. That's like recommending you cut your finger off to stop your leg from bleeding.

  • Reply 4 of 38
    slurpyslurpy Posts: 5,116member
    Quote:

    Originally Posted by razorpit View Post

     

    Wow, how far we've come since the days of the pundits proclaiming the iPhone was doomed without Flash support.  


     

    I'll never forget the incessant mockery and hatred directed towards Apple and Jobs from every angle (especially the media) about their lack of Flash support and justification. As always, Apple is right, and it just takes a few years for every other gutless company to figure that out. The difference is that Apple is willing to take the heat and make decisions that aren't popular, for the greater good and long term benefits. 

  • Reply 5 of 38
    I knew Steve Jobs was going to be wrong about Flash! /s
  • Reply 6 of 38
    jbdragonjbdragon Posts: 2,040member

    I was worried about no FLASH support when I first got my iPhone 4, but it was NEVER once a issue for me.  That was kind of shocking.  Seems many sites were already showing HTML5 pages to iOS users and the FLASH crap to Windows users at that point in time.  When it finally went away with Android 4.0, iOS WON!!!  Now it needs to just disappear on Windows and MAC.   Just Uninstall it and be done with it.  If you go someplace that needs it to work, oh well.  If people stop going to them because of FLASH, they'll update their web site is get rid of it.  Send a e-mail saying you have removed FLASH and no longer want it on your system and that you can't use their site because they still use it.   Everyone just needs to delete it and be done with it.

     

    It's always been complete crap!!!  Nothing has changed.

  • Reply 7 of 38
    grreygrrey Posts: 3member

    "Firefox users awoke Wednesday..."



    Where, in Hong Kong? This article is dated today, Tuesday July 14.

  • Reply 8 of 38
    pujones1pujones1 Posts: 148member
    slurpy wrote: »
    I'll never forget the incessant mockery and hatred directed towards Apple and Jobs from every angle (especially the media) about their lack of Flash support and justification. As always, Apple is right, and it just takes a few years for every other gutless company to figure that out. The difference is that Apple is willing to take the heat and make decisions that aren't popular, for the greater good and long term benefits. 
    Well said sir.
  • Reply 9 of 38
    slurpy wrote: »
    I'll never forget the incessant mockery and hatred directed towards Apple and Jobs from every angle (especially the media) about their lack of Flash support and justification. As always, Apple is right, and it just takes a few years for every other gutless company to figure that out. The difference is that Apple is willing to take the heat and make decisions that aren't popular, for the greater good and long term benefits. 

    My hope is that those "but but but android supports flash" trolls got the pwnage they deserved. They only made pro-flash arguments because it was a cheap dig against Apple.
  • Reply 10 of 38
    simtubsimtub Posts: 277member
    Steve Jobs was so mad he wrote a whole piece on flash and published it on the apple site because he was so sick of the media trashing Apple. Steve just gets it. Apple gets it. If you re read that note he wrote before he passed it still stands valid and on point. Other companies just don't get it and never will.
  • Reply 11 of 38
    grrey wrote: »
    "Firefox users awoke Wednesday..."


    Where, in Hong Kong? This article is dated today, Tuesday July 14.

    Einstein did say time was relative to the observer. ;)
  • Reply 12 of 38
    grrey wrote: »
    "Firefox users awoke Wednesday..."


    Where, in Hong Kong? This article is dated today, Tuesday July 14.

    Made my day...
  • Reply 13 of 38
    smack416smack416 Posts: 56member

    Steve Jobs's Thoughts on Flash, still available at Apple.com, and still a good read:

    http://www.apple.com/ca/hotnews/thoughts-on-flash/

  • Reply 14 of 38
    gatorguygatorguy Posts: 20,286member
    Chrome's vaunted sandboxing of Flash doesn't work, it still gets hacked. And then you get Googs phoning home everything you're doing. That's like recommending you cut your finger off to stop your leg from bleeding.
    http://www.dailymail.co.uk/sciencetech/article-3160644/Google-Mozilla-pull-plug-Adobe-Flash-Tech-giants-disable-program-browsers-following-critical-security-flaw.html
    "Google and Mozilla have now both pulled support for the plugin on their respective Chrome and Firefox browsers. "
  • Reply 15 of 38
    eightzeroeightzero Posts: 2,292member
    Quote:

    Originally Posted by TheWhiteFalcon View Post

     

    Chrome's vaunted sandboxing of Flash doesn't work, it still gets hacked. And then you get Googs phoning home everything you're doing. That's like recommending you cut your finger off to stop your leg from bleeding.


    Does chrome do this? The ToS permit google to obtain your browsing history?

  • Reply 16 of 38
    knowitallknowitall Posts: 1,239member
    It's clear that Steve Jobs was completely right about Flash.
    He had far more understanding of the field than the combined press and hordes of self proclaimed computer experts.
    Cudos to him.
  • Reply 17 of 38
    gatorguygatorguy Posts: 20,286member
    My hope is that those "but but but android supports flash" trolls got the pwnage they deserved. They only made pro-flash arguments because it was a cheap dig against Apple.
    Note the year on this linked article . . . 2012

    http://www.digitaltrends.com/mobile/adobe-flash-for-android-gone-with-barely-a-whimper/
    "It’s the end of an era: Yesterday, Adobe quietly removed its Flash Player from Google Play, meaning Android device owners will no longer be able to download and install Adobe Flash to access videos, games, and other Flash-based content on the Web."

    Flash hasn't been supported on Android since v4.1, a couple of years now, meaning it not applicable to 89% of current users.
  • Reply 18 of 38
    knowitallknowitall Posts: 1,239member
    @A.I., repeating a dangerous advice doesn't make it better.
    Do not enable Flash self installers, they are probably already compromised.
    When you do install Flash do it manually and verify the URL and check the certificate and lock symbol.
    Also, do not use Chrome, Google cannot be trusted.
  • Reply 19 of 38
    williamhwilliamh Posts: 641member

    "the risk of security failure due to an out-of-date Flash version..."

     

    The big risk is security failure with current Flash version.  Adobe continues to update Flash as more and more zero-days are discovered. 

  • Reply 20 of 38
    gatorguygatorguy Posts: 20,286member
    eightzero wrote: »
    Does chrome do this? The ToS permit google to obtain your browsing history?

    Of course Google keeps track of your browsing history unless you turn it off (which you can do). That's the typical default on most browsers isn't it?
Sign In or Register to comment.