Mozilla blocks Flash by default on Firefox browser

[Starbuck]

Adobe's Flash software is now blocked by default on all versions of the Firefox web browser.

 

Mozilla, which develops Firefox, imposed the block because recently unearthed bugs in Flash were being actively used by cyber-thieves.

 

The bugs were detailed in a cache of documents stolen from security firm Hacking Team that was hit by attackers last week.

 

Adobe said it took Flash's security "seriously" and was planning bug fixes.

 

Flash is widely used on many websites for both multimedia and interactive elements.

 

Common code

 

On its support pages, Mozilla said the block would remain until "Adobe releases an updated version to address known critical security issues".

 

Attackers were known to use vulnerabilities in Flash to install malicious software on computers and steal data, it added.

 

The vulnerabilities in the documents stolen from Hacking Team have been quickly added to so-called exploit kits which are used by many thieves when they craft campaigns that seek to take over victims' computers.

 

Mozilla also gave advice about how to adjust Firefox's settings so Flash would only run with the permission of a browser's user rather than all the time. It said users should only activate Flash on sites they trust. Firefox is the third most popular desktop browsing program, according to figures gathered by analysis firms that monitor browser market share.

 

The block comes soon after Facebook's newly appointed security chief Alex Stamos publicly called for Adobe to kill off Flash.

 

"It is time for Adobe to announce the end-of-life date for Flash and to ask the browsers to set killbits on the same day," he said in a tweet.

 

In a later message he said Adobe setting a date would help everyone plan and prepare for the day it no longer worked.

 

 

Source:

http://www.bbc.co.uk/news/technology-33520935