Firefox Blocks Adobe Flash, Fix Still Uncertain

By on

Have you noticed regular pop-ups blocking Flash files from loading in your Firefox browser? Well expect more of that as Mozilla Firefox Web Browser has been blocking the Adobe Flash since Monday.

And although Adobe Flash has released an updated version which Firefox seem to accept by default, ?there is still no certain ?assurance that Flash has addressed its malware susceptibility. If it is still vulnerable, and thousands or millions of Flash users may still be prone to different viruses.

But what is Flash? It is a ?middleware? software which puts an add-on extension to the browser to that allows users to view content. Flash was widely used before and even entirely powered YouTube?s ability to play videos. Now, only 11% of websites use flash, survey company W3Techs said.

The issue started when Mozilla Firefox Web Browser blocked Flash after Facebook Security Chief Alex Stamos publicly asked Adobe to remove their plug-in. ?It is time for Adobe to announce the end-of-life date for Flash and to ask the browsers to set killbits on the same date,? Stamos tweeted.

The following day, Mozilla temporarily blocked all versions of Flash. Mozilla Mark Schmidt then tweeted that Firefox will stop actively blocking Flash after they have fixed the vulnerabilities.

?To be clear, Flash is only blocked until Adobe releases a version which isn?t being actively exploited by publicly known vulnerabilities,? Schmidt said.

Everyone was afraid of Flash when Italian security company ?Hacking Team? which reportedly had three working exploits for flash, was hacked. After they were hacked, all of the tools they used were spread and may endanger internet users with malware and other viruses.

Symantec confirmed that an existence of a Flash exploit works on the latest version of flash (18.0..194). They also confirmed it works against people viewing content with Internet Explorer and presumed will work against other browsers.

Symantec tested the malware: ?Given the source of the proof-of-concept code, it is possible that this vulnerability has already been explored in the wild,? Symantec said in a blog post. ?Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected computer.?

In 2010, Steve Jobs was able to foresee the problem. He wrote a 1700-word account of why he refused to put Adobe Flash in the Apple iOS. He also said it was ?the number one reason Macs crash? as Flash has ?one of the worst security records in 2009?.

An exploit broker of a separate Zeroday in the Windows Kernel said the vulnerability has been in every version of Windows since Windows XP.

Do you think Adobe Flash should be removed?

About the author

To Top