Firefox to warn users of insecure Adobe Flash

By popular demand

By Dan Goodin, 4th September 2009

Upcoming versions of Mozilla's Firefox browser will automatically warn users running versions of Adobe's Flash Media Player that contain known security bugs, according to a published report.

The check will be invoked each time the popular open-source browser is updated, according to the report which was published Thursday by The H. Users who have out-of-date versions of the Adobe application will be notified in the "What's New" browser page that automatically opens each time an update is installed.

The feature is already available in versions 3.5.3 and 3.0.14 versions of Firefox, which are in beta testing, according to the publication. Mozilla officials didn't respond to emails requesting comment.

The move makes perfect sense given the difficulty many computer users have installing Adobe updates in a timely fashion. A report (PDF) released last month by security firm Trusteer found that 80 percent of PCs users failed to install one or more critical updates more than two weeks after they were issued. An estimated 99 percent of internet users have Flash installed, making it one of the world's most ubiquitous programs.

Flaws in the program are routinely exploited by criminals to install keyloggers and other malicious software on end-user machines.

If the Firefox feature makes it into release versions, Flash laggards who install a new version of the browser will receive a warning that reads: "You should update Adobe Flash right now. Firefox is up to date, but your current version of Flash can cause security and stability issues. Please install the free update as soon as possible." A download link is included. ®

Steps to Take Before Choosing a Business Continuity Partner

COMMENTS

House Rules Send Corrections

All Reader Comments (41)

Latest Comments

Posted Tuesday 8th September 2009 11:16 GMT

Disco-Legend-Zeke

blocking port 25

has been standard for at least 10 years now.

at one point i was making a phone call to ISP's where spam originated, and half didn't understand what my issue was. Of course back then spam was only 20% of all mail.

I am one of the oldest ISP's in the world, andover the years, spam filtering has cost me many, many thousands of dollars.

So, spay and neuter your pets and spammers. The world will be a better place.

Posted Tuesday 8th September 2009 09:28 GMT

Typical stupid Adobe

Its turned off & on 'able for the few times I actually need it.

But I wish theyd sort their software out & provide a better means of updating

Posted Monday 7th September 2009 13:10 GMT

Ed Blackshaw

@Bob Gateaux

There are legitimate reasons for using an older version of flash, such as compatibility testing, research into vulnerabilities, backwards compatibility et al. It would REALLY piss plenty of people off if they found that thier test system had been automatically updated for them without any choice in the matter the moment they connect it to the interwebs.

Also, it is not the job of the Mozilla foundation to publish fixes for Adobe. If the bug was in their software, your spiel about IE would make some sense.