Firefox users now automatically protected from that dastardly new Flash bug that was stolen and weaponized recently. Mozilla decided that the best way to keep its users safe was to stop the Flash plugin from running. At least for now. It’s not the Flashpocalypse that some bloggers are making it out to be. Mozilla did not, in fact, “take Flash out behind the shed” and put a bullet in it.
The truth is that this was business as usual for Mozilla. They’ve blocked problematic plugins — like Java, for example — before. It’s all part of Mozilla’s security strategy. Sometimes, they say, security of the Firefox user base has to be prioritized over a seamless web experience. That’s exactly what happened this week. A couple of high-severity Flash bugs were reported. One was stolen by hackers who infiltrated the “security” firm Hacking Team and then weaponized in short order by cybercriminals. Another popped up a few days later that affected all version of Flash, including the latest, 18.0.0.209.
Hit a page that uses Flash right now with Firefox and you’ll probably see the result: a warning like the one at the top of this post. Then again, you might not see it.
If you’ve browsed Mozilla’s support docs before, you may have stumbled across one of their proposed remediations for Flash security issues: remove it. You can probably get along just fine without it, if not permanently at least until Adobe squashes this latest critical bug.
One day soon, hopefully, Mozilla’s Shumway project will come to fruition and you’ll be able to run Flash content without the need for Adobe’s plugin. That day can’t come soon enough, and when it does, then headlines about Mozilla putting Flash out its misery (or putting us out of Flash’s misery) will actually be true.
0 commentaires:
Enregistrer un commentaire