Stories
Slash Boxes
Comments

SoylentNews is people

Mozilla Blocks all Flash in Firefox After Third Zero-Day

posted by janrinok on Tuesday July 14 2015, @07:49PM   Printer-friendly
from the this-might-make-adobe-think dept.

Arthur T Knackerbracket writes:

A ComputerWorld story explains that Mozilla has taken the unusual step of blocking all Flash after the announcement of the third 'zero-day' vulnerability in the last few days. It is possible to override the block by user selection for a single flash link or for all links. The block is in force even if Flash player has been updated since the first vulnerability was announced.

Mozilla on Monday began blocking all versions of Adobe Flash Player from running automatically in its Firefox browser, reacting to news of even more zero-day vulnerabilities unearthed in a massive document cache pilfered from the Italian Hacking Team surveillance firm.

Mozilla engineers swung into action over the weekend after reports surfaced late Friday of another Flash zero-day -- the term that describes a flaw for which there is yet no fix, or patch -- discovered in the gigabytes of data and documents stolen from the Hacking Team. At the time, the bug was the second in Flash spotted in just five days.

After reading the block warning, Firefox users can still run Flash content by authorizing the plug-in's operation. Since then a third Flash zero-day has cropped up.

Neither the second or the third vulnerability had been patched by Adobe as of late Monday, although the company has promised to do so this week.

 
This discussion has been archived. No new comments can be posted.
Mozilla Blocks all Flash in Firefox After Third Zero-Day | Log In/Create an Account | Top | 27 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 3, Informative) by WillR on Tuesday July 14 2015, @09:24PM

    by WillR (2012) on Tuesday July 14 2015, @09:24PM (#209105)
    I'm feeling conflicting urges to snark.
    About Flash: Another Flash 0-day? Must be a day that ends in Y again.
    Or about Mozilla: I guess blocking all versions of the Flash plugin is an easier way to kill it off than making YouTube's HD HTML5 player work without dorking around in about:config.

    decisions, decisions...
    Starting Score:    1  point
    Moderation   +1  
       Informative=1, Total=1
    Extra 'Informative' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   3  

  • (Score: 0) by Anonymous Coward on Wednesday July 15 2015, @04:16AM

    by Anonymous Coward on Wednesday July 15 2015, @04:16AM (#209212)

    Adobe are the conflicted ones, always have been.

    10,000 credits for Photoshop (at least up to version CS5)

    -1.0 x 10^2^16 credits for PDF and its spyware reader and ongoing security issues

    -1.0 x 10^2^googol credits for Flash in all it forms

    So in the balance of the equation, Adobe is going to Hell, a giant hole of boiling lava should already have opened up under their HQ - seems overdue.