Mozilla has added all versions of Adobe Flash up to the most recent version 18.0.0.203 to the Firefox blocklist.
Security researchers have discovered vulnerabilities in recent versions of Adobe Flash that have not been patched yet by Adobe but are exploited in the wild. In particular, several exploit kits are already making use of it to serve crypto-ransomware to systems running Adobe Flash.
In an effort to protect Firefox users from harm on the Internet, Mozilla has added the current version of Adobe Flash and all previous versions to the browser's blocklist.
The blocklist lists browser extensions, plugins and other components that are blocked automatically by Firefox either directly or sometimes in the case of plugins, by setting them to "ask to activate".
The Flash vulnerability affects all versions of Flash on Windows, Linux and Macintosh systems.
Firefox displays a warning message on its plugins management page that Flash is vulnerable. As you can see on the screenshot below, Shockwave Flash has been set to "ask to activate" and not blocked permanently.
more
Mozilla blocks all versions of Adobe Flash in Firefox - gHacks Tech News
Facebook calls for end to Flash as Firefox blocks it over hacking holes
The mob is turning against Flash. Mozilla has blocked every version of Adobe’s Flash plugin from running within its Firefox browser, while Facebook’s head of security has called for Adobe to kill it off.
The moves come following a series of vulnerabilities in Flash being actively exploited, including those exposed by the Hacking Team compromise.
Firefox users seeking to view Flash-based content, such as videos, adverts or more complex web tools for uploading images and other actions, will need to click again and accept a warning that “Flash is known to be vulnerable. Use with caution”.
That means users of Firefox cannot use Flash by default and will not be able to until Adobe patches the security bugs and updates the plugin. Adobe has struggled to keep up with the number of bugs and vulnerabilities being exposed within Flash.
At the same time, Facebook’s head of security Alex Stamos, who is previously credited with significantly improving the security of Yahoo’s operations, called for Flash to be killed off.
more
Facebook calls for end to Flash as Firefox blocks it over hacking holes | Technology | The Guardian
Security researchers have discovered vulnerabilities in recent versions of Adobe Flash that have not been patched yet by Adobe but are exploited in the wild. In particular, several exploit kits are already making use of it to serve crypto-ransomware to systems running Adobe Flash.
In an effort to protect Firefox users from harm on the Internet, Mozilla has added the current version of Adobe Flash and all previous versions to the browser's blocklist.
The blocklist lists browser extensions, plugins and other components that are blocked automatically by Firefox either directly or sometimes in the case of plugins, by setting them to "ask to activate".
The Flash vulnerability affects all versions of Flash on Windows, Linux and Macintosh systems.
Firefox displays a warning message on its plugins management page that Flash is vulnerable. As you can see on the screenshot below, Shockwave Flash has been set to "ask to activate" and not blocked permanently.
more
Mozilla blocks all versions of Adobe Flash in Firefox - gHacks Tech News
Facebook calls for end to Flash as Firefox blocks it over hacking holes
The mob is turning against Flash. Mozilla has blocked every version of Adobe’s Flash plugin from running within its Firefox browser, while Facebook’s head of security has called for Adobe to kill it off.
The moves come following a series of vulnerabilities in Flash being actively exploited, including those exposed by the Hacking Team compromise.
Firefox users seeking to view Flash-based content, such as videos, adverts or more complex web tools for uploading images and other actions, will need to click again and accept a warning that “Flash is known to be vulnerable. Use with caution”.
That means users of Firefox cannot use Flash by default and will not be able to until Adobe patches the security bugs and updates the plugin. Adobe has struggled to keep up with the number of bugs and vulnerabilities being exposed within Flash.
At the same time, Facebook’s head of security Alex Stamos, who is previously credited with significantly improving the security of Yahoo’s operations, called for Flash to be killed off.
more
Facebook calls for end to Flash as Firefox blocks it over hacking holes | Technology | The Guardian