Mozilla Firefox has decided to place a temporary ban on Adobe Flash Player on Windows as well as on iOS platforms. The group Hacking Team reportedly utilized three different routes to breach the plugin and Mozilla has said they would keep Flash blocked until Adobe repairs all issues that have made them susceptible to hackers.
Hacking Team is a Milan-based technology company that produces controversial software for law enforcement and government agencies to monitor internet usage and browsing by individual users. Earlier this month, Hacking Team itself had a serious breach when they were hacked by unknown individuals that exposed data showing the company had worked with Sudan as well as the Lebanese Army. Both are groups that the company has previously denied working with.
The leaked data showed several hacks into Adobe Flash Player which essentially showed the vulnerability of Flash. The breach showed a zero-day vulnerability with Adobe that could potentially be used to affect computer data, programs and entire personal and business networks. Adobe has stated they will have all vulnerabilities repaired within the week.
Adobe Flash Player version 18.0.0.203 has been blocked indefinitely. Adobe has now updated to version 18.0.0.209. 209 is not blocked by Mozilla but as of yet there is no word on whether it will accomplish the goal that Mozilla wants to see in order to reinstate Flash and remove the block altogether.
According to PC World , Mark Schmidt, Mozilla’s head of support, stated on Twitter ,
“Our block-listing policy doesn’t call for us to block [version 18.0.0.209], provided it is sufficiently patched.”
Adobe was, for many years, the only way to watch animation and video online. Recently, the software has slowly been losing its popularity due to HTMLs, a software that is built into browsers now that allows users to watch video without utilizing Adobe Flash Player or external video software. Flash, however, is still very widely used and this ban may have some that use Firefox lose video and animation viewing capabilities while Adobe works to correct the problem.
A Washington Post article released information saying that when users login to Mozilla a message now pops up letting them know that “Flash is vulnerable” and that Mozilla has the right to block any software that “seriously compromises Firefox’s security.”
Mozilla made the decision to ban Adobe Flash Player for the safety of their users as well as to ensure crisp browsing while using Firefox. Google Chrome is still currently using their integrated Flash plugin, version 18.0.0.203. Google does set limits through a security sandbox when users are browsing the internet and not watching animation or video that would necessitate the use of Flash. Google did, however, stop using Flash for YouTube videos earlier this year.
Firefox users may move around the ban by choosing to enable Flash although Mozilla has blocked it from their end. To do this, users need only to click on the Add-Ons button in their menu and then click Plugins and Shockwave Flash to reinstall Adobe Flash on their own. Firefox recommends that users that choose to do this also choose to enable Flash protected mode after they add Adobe Flash back to their browser.
Facebook’s new chief security officer, Alex Stamos, tweeted,
“It is time for Adobe to announce the end-of-life date for Flash and to ask the browsers to set killbits on the same day.”
For Stamos, as well as many in the world of technology, Adobe Flash is long overdue to come to an end and with this latest breach, this may just be the final days of Adobe Flash Player as the world has known it for so long now.
{Photo Credit: Angela Caito}