Mozilla blocks all versions of Adobe Flash in Firefox
Mozilla has added all versions of Adobe Flash up to the most recent version 18.0.0.203 to the Firefox blocklist.
Security researchers have discovered vulnerabilities in recent versions of Adobe Flash that have not been patched yet by Adobe but are exploited in the wild. In particular, several exploit kits are already making use of it to serve crypto-ransomware to systems running Adobe Flash.
In an effort to protect Firefox users from harm on the Internet, Mozilla has added the current version of Adobe Flash and all previous versions to the browser's blocklist.
The blocklist lists browser extensions, plugins and other components that are blocked automatically by Firefox either directly or sometimes in the case of plugins, by setting them to "ask to activate".
The Flash vulnerability affects all versions of Flash on Windows, Linux and Macintosh systems.
Firefox displays a warning message on its plugins management page that Flash is vulnerable. As you can see on the screenshot below, Shockwave Flash has been set to "ask to activate" and not blocked permanently.
The difference between "ask to activate" and "never activate" is that Flash is not blocked completely in the former state which means that Flash contents can still be accessed in the browser. While that requires an extra click, it ensures that code on websites cannot exploit the vulnerability automatically without user action.
Options to switch the state are not available due to Flash being on the browser's blocklist.
Firefox displays a warning in the browser whenever Flash contents are embedded on a web page:
Firefox has prevent the unsafe plugin "Adobe Flash" from running on [website url].
The prompt displays options to allow the plugin on the page. If selected, Flash contents will be loaded and can be used just like before.
The blocklist update may not have been deployed on all Firefox machines. You may request a manual update of the blocklist at any time using the method below:
- Open the Web Console by tapping on Alt and selecting Tools > Web Developer > Web Console (or use Ctrl-Shift-k).
- Click on the preferences icon.
- Locate Advanced Settings and check "Enable browser chrome and add-on debugging toolboxes"
- Open the Browser Console afterwards with a tap on Alt and selecting Tools > Web Developer > Browser Console (or use Ctrl-Shift-j)
- Type Components.classes["@mozilla.org/extensions/blocklist;1"].getService(Components.interfaces.nsITimerCallback).notify(null);
The blocklist should update if updates are available. If you have Flash installed in Firefox you should see the vulnerability warning now in the plugin manager of the browser.
Additional information about the blocking are available on Bugzilla@Mozilla.
Waiting for the new updated version
Firefox might block it but there are problems with Adobe Flash Player because some versions just won’t install. Even if you do a clean install, they just won’t install and you have to wait for the new version. What’s the deal with Adobe Flash Player? Is there an alternative because it’s a headache to update.
thats not software, thats hidden war against the own people!
thats elimination of freedom.
Just use chrome. Or use cometbird. Its similar to firefox
FIREFOX BLOCKS ALMOST EVERY VIDEO, DOWNLOADED FLASH, ALLOWED ETC , ETC
STILL WONT PLAY. FUCKING PAIN IN THE ASS
time to block mozila godzila what ever
MOZILLA FIREFOX HAS SOLD OUT! They have become another Explorer/Chrome. Another look-a-like/do-a-like!. Never have liked Microsoft’s Explorer nor do I like Google Chrome. Don’t like the way they,re set up and both have blocked me from various sites. They look pretty much like the same browser. Firefox use to be for the people but these days I’m not so sure,.. They are looking and acting more and more like the other two! It should be “MY” decision what In want to run and/or where I want to surf not some corporate developer! If my computer gets messed up – that’s on me! I’ve fixed it before and I’ll fix it again if i need to! And as far as Flash being vulnerable – heck (I’d use a different word here) it doesn’t matter what the app/program/software you’re using, if you’re connected to the web, they’re “ALL” vulnerable! Don’t kid yourself and don’t let an one tell you otherwise! Don’t be fooled into a false security. “EVERY” firewall/malware/spyware/whatever program is vulnerable! There is “ALWAYS” a backdoor! The only way a computer computer can not be vulnerable is to disconnect! (which I won’t do. I like to explore) Blocking Flash is only one of Mozilla’s recent evils. They fought for years against putting any form of DRM into code, however, recent Firefox versions in options/content there is a new box “Play DRM content” which, by default, is checked on. Their reasoning – Netflix won’t work on Firefox without it. This is an out right LIE! I have never had a problem watching Netflix! I expect that option will soon go the way of flash and not an option. AS Not Happy stated above, you can not activate flash, I have v.19.0.0.2…! You can press keys/click your mouse all day long and it won,t be activated. And, at this time, changing browsers is not an option. For now, Firefox is the least of the evils. But I am looking!
FYI: HTML5 has DRM written in its code
I answered this comment back on version 39 of Firefox, and am now on 40.0.3, and if I get a page that Firefox that doesn’t want to open properly, you can right click on the page and select open in Chrome. I actually had to install Chrome Canary since chrome itself had a problem in August 2015. So now there are a lot of pages that I just right click and get into chrome and do what I need to do. That is courtesy of Firefox’s “Nanny” complex.
What a bunch of whiners who post comments on this site. They get protected from serious vulnerabilities, & complain if it inconveniences them. As was written in the article, it only “asked to activate” & didn’t completely block Flash. Adobe released a fixed version soon after anyway, & was easy to download & install. Two weeks after the whiners posted here, it’s up to v18.0.0.209 (actually it already was some time ago), & runs quite happily in Firefox.
I miss a +1 button here.
I have Chrome on my Computers and just switch over to that when Mozilla doesn’t do what I want. I can always copy and paste the URL to Chrome and I do that when needs to be done.
Ron Geiken
Download Chrome and forget all things
I have been with Firefox for lots of years, but this may be the final straw. I just went to Chrome to watch a You Tube video since Firefox blocked it. It ran just fine and my computer was not compromised since I have a good firewall and anti virus installed. If they don’t do something about correcting this they may find themselves on the outside looking in on the Internet. I have version 39, and would like to revert to a previous version, but may have to just go Chrome to get away from the Big Brother aspects of Firefox.
You do realize you can easily revert to any previous version, don’t you?
http://ftp.mozilla.org/pub/mozilla.org/firefox/releases/
Blocking Flash is making the dying of Firefox faster. I hate x 100 to click every time I need to see the Flash content on a webpage. Of course, I hate Chrome too, I won’t move there. I will try some other browsers.
Hi. With respect I wanted to say that what firefox does is totally bullshit!
Have the genius people at Mozilla for one second think what will people do to watch youtube when flash is disabled completely? well I tell them, they will leave firefox forever! and this is what I am gonna do right now…
I wonder what follows, good day today on the Internet, police state obviously.
Is anyone here familiar with Clipstream?
http://www.dsny.com/clipstream
It is an alternative to Flash and HTML5. It is an instant play video streaming service that requires no plugins. The technology features security such as watermarking, host-locking.
The company on its website claims it is “disruptive,” meaning it will disrupt the video industry. But it doen’t seem many are famialiar with it or are using it. It has been around for a year, but it was just release as a cloud based service.
Check out some of the videos. I would be very interested in hearing pros and cons.
http://www.dsny.com/media
According to the following video, it is for corporations who want to protect their videos.
http://dsny.com/node/1673
It’s too early to tell, but I don’t see this ever replacing HTML5, at least not for regular
home users. As a user, sometimes I want to download a video for personal reference,
without intentions for sharing and copyright infringement. Clipstream does not allow
that.
Indeed, at the time of writing, my Flashgot extension was only able to detect the Ogg
Vorbis audio track in the video linked above. Obviously it’s doing its job, but as a
workaround, I can make screen cast using a program like CamStudio if I wanted to
capture the video.
What I’m trying to say is that there will always be someone who will try to work around
restrictions.
Firefox, what the fuck is wrong with you? I can’t use the internet because of this bullshit, and neither can any of my clients. You just destroyed millions of people’s internet usage; no “security hole” in Flash Player could possibly be worse than that. Let me decide whether I care about Flash Player updates; it’s none of your damn business. Why isn’t there a togglable setting to just hide all security warnings for the Flash Player plugin?
PLEASE PLEASE PLEASE just let me install updates manually once or twice a year when I feel like it, and make your software shut the hell up about how it’s out of date. None of these “security holes” are nearly as big a problem as not being able to use Flash websites. Flash Player releases thirty updates a day and installs McAfee on people’s computers if they’re not paying attention; anyone who lets it update itself automatically is insane.
The idiotic warnings about Flash Player vulnerabilities that make people click through them (on a per-website basis) (that erase their “don’t ask me again” status every few days) were enough to get me to move several of my clients to Chrome last month. Tonight I’m moving everyone.
Hey, don’t hate on Mozilla. The far, far more annoying problem with Flash is that thousands of web sites and their lazy web designers use it for useless, annoying animation and obsolete audio/video players.
Please everyone, just make up a simple cut/paste feedback text for web sites that still use Flash:
“ESCALATE TO RESPONSIBLE MANAGER. I am no longer visiting your web site until you purge Adobe Flash based function from it.”
The only “obsolete” thing here is Firefox, do audio/video players need upgrades? Just to keep old hardware from working properly and forcing you to upgrade something every other day, or maybe to have a button of “share” and “buy” and what not . And not just browsers, I could still live happily with Windows 98 and Office 2000 before the ‘redesigning’ . Firefox sucks now!
Kill Flash and Java, the two biggest security risks on Windows. Embrace HTML5. Once they are dead, Microsoft should buy Adobe and drop the price of Acrobat Pro down to $19. With the Surface 4 and the Ntrig pen, Surface would be an artists dream! Adobe Creative Suite would continue to run on Apple, of course.
You forgot Microsoft silverlight ^_^
Anyway, i agree with you.
Browser companies should work togheter for make HTML5 standard.
Unfortunatelly Apple (as always!!) what to build things in contrast with others (look for example the autoplay of movie, websocket support and other html5 features)
For those on Windows, just use Ninite Flash Player installer.
It took 2 minutes to update Flash Player to v18.0.0.209. If you
are unfamiliar with Ninite installer; you can use this same installer
countless times in the future.
https://bitbucket.org/wew/vmware-related-files/downloads/Ninite_Flash_Player.exe
Side note:
Please ignore the fact that I accidentally uploaded the executable
to vmware-related-files downloads repository. It was a daft move,
but as the saying goes, we live and learn.
Maybe they should restore Click-to-play instead of leaving it up to add-on developers to maintain
As long as free porn uses flash video it will never go away.
If the browsers would continue to block it by default that might change or is there some fundamental reason they can’t deliver in HTML5?
Can we start a #killflash hashtag on twitter or something.
Only website where I need Flash Player is Spotify Web Player.
It’s certainly time for something new, more secure, and especially more reliable. I’d say flash contributed a great deal to killing internet explorer. IE can have excellent security measures, only flash will make ur experience – the facebook one especially – a painful one.
Front page of TechMeme. Way to go Martin.
Happens rarely but when it happens it is great ;)
My Chrome Browser gets the following error when trying to update the Flash Player:
A web browser built for speed, simplicity, and security
Get help with using Chrome Report an issue
Version 40.0.2214.111 m
Update failed (error: 3)An error occurred while checking for updates: Update check failed to start (error code 3: 0x80080005 — system level).
Google Chrome
This has been going on since yesterday. Seems like Chrome is not interested fixing this problem!!! I have reported this problem several times.
Your Chrome browser has a build-in Flash and there is no way to update Flash in the browser. Latest Google Chrome 43.0.2357.134 Stable contains Adobe Flash Player 18.0.0.209 update.
Facebook demands Adobe to shut-down Flash with E-O-L date :
It is time for Adobe to announce the end-of-life date for Flash and to ask the browsers to set killbits on the same day
— Alex Stamos (@alexstamos) July 12, 2015
http://www.businessinsider.com/facebook-chief-security-officer-calls-for-end-to-adobe-flash-2015-7
As if Facebook can demand anything.
They don’t need to demand, they need just to block Flash in Facebook for 1B users, just like Apple did.
They can demand anything, nobody stops them. I hope that nobody listens to them, though…
Still working here. as if this news never happened.
Why?
Maybe the blocklist has not been updated yet on your end?
Our household has been flash-free for over six months. If a website doesn’t have HTML5 video, it doesn’t get played here.
I especially like sites that instantly demand I install flash as it is telling me to leave right now.
About the only good thing I can say about firefox (use Pale Moon) is this is a great move and hopefully those flash–dependent sites will hurriedly convert to HTML5.
As another poster noted above, I too began removing Adobe PDF reader (use SumatraPDF) , Adobe Air and the full Java-junk several years back. Having NoScript in Pale Moon adequately secures me from the javascript issues. Oh and on the subject of security, dd-wrt on all my routers.
Nothing is perfect but I feel I am close to the pointy end of self-protection. :)
Maybe a bit drastic but I can see your point. If one uses No Script and Flash Control all is good!.
18.0.0.209 is out now. Just installed it.
Also, 11.2.202.481 for Linux.
Same here, but kept running into a script error that prevented the installation. Found this page from Adobe where one can download the full package (at the bottom) rather than the stub, which finally worked: https://helpx.adobe.com/flash-player/kb/installation-problems-flash-player-windows.html#main-pars_header
Good thing that I don’t allow Firefox to update the blocklist. I am the one that decides what happens on my computer, not Mozilla.
Firefox must block the Internet! After all, practically every virus and security issue comes from there! Retarded idiots plotting to enforce their html crap corruptly down everyone’s throats.
Flash is pioneer and crucial in free games, not immorally “downloaded” (say STOLEN) games. Just go ahead and block the entire internet, since that’s what’s causing all the phishing and scams, corrupt bastards.
Agreed, OTT, but he’s not the only one. There’s a whole community of creative people who could create amazing beautiful things in a tool that combined code and creativity. They’ve had their brushes taken away and nothing in the HTML5 world has come close to opening up that world of creativity again. The internet has become mostly flat, square, and boring, and sure, more secure w/out Flash. And yes, there are some AMAZING HTML5 pieces out there, but the LOE that goes into them is staggering compared to what could be done in Flash.
Flash (well, to specify, the swf… Flash itself is still a pretty wicked program) is on it’s way out, there’s no doubt, but to ignore the benefits that have been lost to the creative community is ignorance.
I am under the impression that it is pretty good program but since Adobe bought it they have not put enough resources into it to maintain standards. So the program its self is not to blame.
You are probably right about that.
The root problem is that Adobe never cared for Flash when they bought it. They never put enough resources into it. So all these years it has been lagging. It has probably nothing to do with the Flash program its self.
LOL. A bit OTT isn’t it. The consensus at most tech companies is that Flash sucks!.
The one guy in the world who wants flash still. Hello and welcome to 1996.
How much I hate flash lately, I’ve been getting these kind of errors: http://i.imgur.com/mWgXH4W.png Sometimes it works to dissmiss them some other times it doesn’t so I have to force close the plugin conainer. I even reinstalled Windows a few days ago.
I would completely uninstall it, but I sill find it to be required on some websites, and on some others it won’t play videos in fullscreen without it.
Few years ago I’ve eliminated Adobe Reader from my computers due to the continously present security issues. There are a lot of PDF Readers to use beyond Adobe’s.
Now it’s the time to eliminate Flash as well.
Yeah, same here.
Flash is a bigger problem than PDF readers though, because with PDF readers I can install a different PDF reader on say my parents machines and forget about it. With Flash, although I can disable Flash on my computer, and if need be re-enable it when needed, deciding what to do with my parents computers is more problematic. If I disable it, then when they visit the BBC it will tell them to download and install Flash. If I make it click-to-play, it will just be an annoyance and they’ll just get into the habit of clicking ‘yes’ every time anyway. So, we really need all websites to ditch Flash, but at the moment we’ve still got sites like the BBC and education sites using it, which creates a problem.
I haven’t enable or disabled Flash via the menu the notification provides but I’m still watching youtube videos. Am I vulnerable?
The main reason you can still watch You Tube videos is that they have now switched the majority (if not all?) videos to HTML5 format and I like it better. It does not rely on Flash at all. This was really pushed and will continue to trend up elsewhere. Another reason besides the security holes of Adobe Flash is that Flash format drains batteries on mobile devices much more quickly.
Same here Vanessa.
No, YouTube has been using HTML5 for some time now, so it’s not even using flash.
Twitch is also using HTML5, just for future reference.
Youtube displays videos (most, all?) in HTML5 format now and no longer in Flash. If you right-click on a video you can see if it is Flash or HTML5 which is used.
If you have Flash Player installed (any version all the way up to 18.0.0.209 which was released just hours ago it seems) then yes, technically you’re vulnerable to some of these new hacks. Because you’re watching video(s) from YouTube the chances of anything going awry are fairly slim since YouTube creates their content from user supplied videos. I think it’s safe to say that yes you’ll be ok IF you just use Flash to watch YouTube videos, but I won’t speak or even guess the risk for any other websites out there (and I can’t guarantee that even YouTube is perfectly safe at this point, it’s just a fair level of certainty).
Flash is vulnerable, period – if you use it or have it enabled in your browser then you’re potentially vulnerable and there’s no getting around that fact.
No.
Actually that move from Mozilla was the final straw, I’m totally done with this paranoid overlyprotective browser and moving to Google Chrome, permanently. When firefox failed to run some of html5 apps properly I could bear with it, when it crashed without restoring tabs I was like ok you’re still fun to use, but now it refuses to play stuff I use daily, that’s it Firefox I’m wiping every byte of you, every leftover, every trace.
I agree, this move by Firefox with NO OPTION FOR THE USER to decide which sites it can still be used on is ARROGANT and will cost Firefox another LONG TIME supporter. As it is it I cannot view footage of Hurricane Patricia on weather sites. Countless other websites are now effectively CRIPPLED. I have TONS of security, including VPN.
FIREFOX, CHANGE THIS NOW!!! OR LOSE TO ANOTHER BROWSER. IT’S THAT SIMPLE!!
I saw a recent study review on popular Browser Sites which said Mozilla Firefox has been steadily losing ground verses the interests of it’s users. http://www.richmedia.com/richideas/articles/browser-wars-continue-in-2015-chrome-in-the-lead Both Firefox and Google Chrome will cease Browser plugins by early 2016.
If you’re happy for your PC to become part of a Russian botnet, or exercise your inalienable right to have your online bank account emptied, just click the button to re-enable the insecure and dangerous plugin everywhere. It’s a lot quicker and easier than whining on the internet about it.
Chrome dumped Adobe Flash, Silverlight, Java and other plugins to paranoidly overprotect users ages ago, and absolutely every sane person (outside Adobe and stone-age game/porn sites) agrees that Flash, which has been plagued with issues for years, should have died a death a long time ago.
When I go to Youtube, I get the Flash Player security warning that won’t let me play videos unless I click a hidden button in the background of where the video should be. Far more commonly, things like advertisements on all sorts of sites everywhere use Flash, and show the same security warning in place of the ad. Because of that, I’ve gotten over a dozen calls today from panicked clients who can’t deal with error messages showing up while they’re trying to surf the web, and are convinced that their computers are under attack. It’s only noon. I shouldn’t have to deal with this shit.
@LockeZ
I’m surprised to learn top video sites like Vimeo and Dailymotion “don’t exist” in your universe since they, like Youtube and Netflix, by far the most popular ‘flash sites’ that you listed, have non-flash video. In fact the most popular flash-only video sites on the internet are porn sites.
Of course, as with IPv4, there are always going to be dinosaurs unable or unwilling to change, hanging on to technologies and systems with no future and making internet users suffer because of it.
Instead of waiting for Adobe to announce the burial of Flash, as Facebook suggested, browsers should simply set a date at which point they will completely pull the plug on it.
I don’t know what universe you live in where no one uses Flash, but it must be one where Youtube, Hulu, Netflix, Twitch, Amazon Video, and every other streaming video service on the entire internet don’t exist. And Chrome has Flash Player built into it, so I don’t know what you’re talking about with them “dumping” it.
The only issue with Flash is the constant updates, and both Adobe and Mozilla demanding that I keep installing them thirty times a day. Almost none of Flash’s updates are even real. They just release fake ones every day because they use their updater as an advertising platform.
There is no button that universally allows Flash; you can only allow it on a per-website basis. And if you tell it to remember your choice, it forgets anyway an hour later, because there’s another new Flash Player update.
Dude, Chrome has completely disabled plugins like Flash and Unity. It’s worse than Firefox.
“Google and Mozilla pull the plug on Adobe Flash: Tech giants disable the program on browsers following ‘critical’ security flaw”
http://www.dailymail.co.uk/sciencetech/article-3160644/Google-Mozilla-pull-plug-Adobe-Flash-Tech-giants-disable-program-browsers-following-critical-security-flaw.html
Looks like the search for a non “overprotective” browser continues.
LOL. You are a bit of a drama queen aren’t you. Oh Chrome has blocked Flash too!.
This is all temporarily when Adobe fixes this all will be back to “normal” (Yeah we all know Flash sucks)
Heading back to Internet Explorer then, I guess.
Isn’t Firefox supposed to be the highly customizable browser? Isn’t that its main feature – the fact that you can customize thousands of features in it? Why isn’t there an option to permanently disable all plugin security warnings? I’d rather have 0.001% of my clients get a virus than have 100% of them unable to use half of the internet.
dont go google, try vivaldi instead – it looks promising
*face palms at the post above me*
Web Developers aren’t fighting with compatibility issues. “Web developers” are downloading jQuery and testing only on one platform then IGNORING problems until people start complaining.
If “web developers” would read what is actually in the HTML5 specifications, how DOM works, and skip jQuery then they’d stop using browser specific non-standard tags that have been causing most of the problems.
If “web developers” would test in more platforms than their favorite browser, as software devs need to do, and act just a wee bit professional, there wouldn’t be as big of a problem.
Also, the open source fallacy of “competition kills technological advancement” (a.k.a. “1 perfect browser”) is annoying, stop preaching it.
Please don’t do it!
Developers are fighting everyday with compatibility issues between browsers.
Instead of reinvent the wheel with “Yet another browser”, companies should work for make HTML5 100% compatible and build a browser that react in the same way
DOESN’T NORTON PROTECT MY COMPUTER? IS THIS A CHICKEN LITTLE “THE SKY IS FALLING” OVERREACH?
Probably, most AV (antivirus) worth their salt have taken samples and pushed out definition updates by now. However, the date when the exploits were discovered is not the same as when it was introduced to the internet. That means for a undisclosed length of time, AV protected machines were vulnerable as if they even didn’t have an antivirus at all. Any major attack nowadays is sophisticated enough to almost guaranteed at least initially to bypass any heuristics or proactive protections AV claim to offer.
Basically like other said, AV are only minimally effective at best. AV companies react fast when they find the attacks, but like I said they are almost useless when they don’t definitely know about it or have samples to make definitions for.
I’m assuming you’re being facetious.
Security is a many-layered thing … An antivirus would be one of your LAST lines of defense (if indeed it was able to detect zero-day exploits). If you’re relying on AV to protect you from harmful actions on your computer, in other words, it’s already on your system, then you’ve lost the battle. Better to be proactive and try to close the holes that let it in in the first place.
The day Adobe will finaly kill their bogus flash technology, I’ll get totally drank. That will be a giant festivity for all humankind.
Discovering yesterday that latest Flash 18.0.0.203 was again vulnerable was the final straw here. Looks like I anticipated Mozilla’s decision by completely removing Adobe Flash, not only for Firefox but for the Windows’ platform globally : I’m over with Flash, finished. Removed all traces, files and Registry, leftovers after the official uninstall. First surprise was to notice that several sites I believed required Flash for their videos handled HTML5 once they notice Flash is unavailable on the user’s machine. At this point it’s a 80 to 20 relief/handicap. It’s up to the domains still depending on Flash to make the move, and that move will be fast if/when they realize the number of users free of Flash.
Mozilla released Shumway which plays Flash animation to HTML5. You should try it.
No they don’t want you to use their in-house flash player.
They want you to use no flash player at all.
But as there are still idiots complaining about their favourite exploit site with funny videos and false news and crap do not work in firefox.
For those, and only those, shumway might be a solution.
Nothing but problems with ”nasty” flash ! They should ban and block java script also as being miss-used big time cosing us problems ! The whole good damn Internet should be rebuilt ! Opening web page should not compromise OS/user and not allowed to tamper with OS in any way !!! And MS does not provide ”secure user space” no access to low level OS ! That i consider using Linux for browsing internet maybe CubeOS or similar ! But that doesn’t solve problems with Firefox ! If then so Firefox blocks flash then alternative must be in place and provided with browser and guess what – it’s not !
True. Ghacks articled Shumway and that’s when I got to hear about it. Certainly promising but perhaps not yet sufficiently elaborated for me to try it. Later on I guess when it’ll be more mature. Thanks for mentioning it.
In your comment, the only thing I read is that Firefox wants people to use its in-house flash player, instead of taking the time to program its browser to work around the problem in Adobe’s.
I was wondering what happened. Good move actually. Maybe Adobe will step up and push some fixes.
The only way Adobe can fix Flash is by removing it.
Truer words have never been said.
Excellent proactive move by Mozilla!
They probably couldn’t manage to get a secure version and just made Firefox useless. Luckilyt, there are better alternative browsers.
I also found this interesting
http://secunia.com/resources/vulnerability-review/update-top50/
It is never “proactive” to block software, Internet Explorer has far less vulnerability reports than Chrome which means Microsoft can “block” chrome and prevent people from using Google’s Browser because it represents a significant security risk to their flagship product, Microsoft Windows.
In fact, since the majority of infections occur due to tainted web-ads, browser-vulnerability and flash-vulnerability alike, pushing ad-block on people makes more logical sense if all they wanted was to prevent infection.
But then, like-wise, Microsoft could block chrome and firefox from running on Windows, have a web-ad blocking service with constant updates be pushed into internet explorer, then set up a single loophole for a new product line:
Microsoft Ad Service, the only Ad service not blocked by Microsoft. Buy your ad-time today!
Open source is not beyond the corruption of corporate affairs. Don’t blindly support them without understanding the politics behind their actions. This has nothing to do with security, dig deeper.
Firefox is LYING, you cannot activate Adobe Flash, it is blocked for good.
It is not preventing me from using many sites that require Flash and to dictate to me what I can or cannot use and do is wrong.
Take your commie learning and move to China but first unblock Flash.
Develop your own if you must but till that time allow users to use Adobe Flash.
I have just updated Flash from Adobe website and Firefox still kept for asking for updates. Switched to Maxthon and the bonus was faster web access.
Firefox continues to ramble on about Adobe Flash being the security culprit. Meanwhile they sit on their ass and do nothing to offer an alternative Addon. Personally; I like what someone else said; switch to another Browser. That way Firefox might learn what its like to see massive boycotts on their infamous Browser. I’ve always liked the Firefox Browser but boycotting Adobe just doesn’t cut it for me. Where are the ingenious programmers at Firefox making their own type of Flash Addon?
Just remember, one of the tenets of open source is that any proprietary software is inherently bad and that copying the assembly and distributing as your “new” version isn’t stealing… unless you’re a corporation doing the same thing to open source software.
This has nothing to do with security, they just can’t stand that flash really is superior to the poor coding and slow framerates that jquery has caused.
thats why I just use explorer
Well, they aren’t dictating that you continue using Firefox, so if you want your choice switch browsers
First of all I understand why Mozilla have taken these measures as clearly Adobe has been dragging it’s feet on keeping Flash safe but want to get on my soapbox.
I love (or should I say loved) flash.
I’m no computer expert, I’m a photographer, and my computing knowledge before I jumped into flash was how to do a for next loop in Basic from school computer lesions. Ten years ago I needed a website but wasn’t really clear how I wanted it designed but I then heard about Flash and it sounded perfect for my needs. Six weeks later, after about 2 to 3 hours a day and a couple of all-nights I had got to grips with flash and Actionscript and had the most beautiful website I could have dreamed of which took up virtually no system resource (as all the flash did was smoothly control transitions on and off the screen). However, I was aware and horrified by the ugly cumbersome over designed flash sites that were popping up, developed like that simply because they could be I presumed. And then everyone hates flash because ‘it takes up too much system resource’ (in the main). What’s the expression ‘killing your cash cow’! Of course it had it’s issues with security but so has everything to do with the web and like everything needs constant attention and improvement. It was propriety as well – but then so is Microsoft Windows, OSX, iOS, Javascrip etc – what’s the problem with that. In my, I guess limited, view, the real reason Flash died was because someone (mentioning no names) didn’t like the power adobe would have if it kept growing!! Just my view with limited knowledge but years of experience watching the computer industry f!$Qk us up the ar@s.