Adobe’s Flash isn’t known for being the most secure piece of software ever developed, but recently it has come under especially heavy fire after three previously unknown vulnerabilities were found in files leaked in last week’s Hacking Team breach.
Mozilla has decided that it has had enough of Flash’s weak security, and has taken action as a result, blocking the Flash Player entirely. Yesterday, head of Mozilla’s Firefox support team Matt Schmidt tweeted that all versions of Adobe Flash are blocked by default.
Fortunately, or unfortunately, depending on your point of view, this isn’t permanent. Schmidt later followed up on the first tweet: “To be clear, Flash is only blocked until Adobe releases a version which isn’t being actively exploited by publicly known vulnerabilities.”
While blocking Flash until its known exploits are fixed is certainly a good start, some think that it’s time for Adobe to call it quits on the software. Facebook’s chief security officer Alex Stamos tweeted on Sunday that “it is time for Adobe to announce the end-of-life date for Flash and to ask the browsers to set killbits on the same day.”
— Mark Schmidt (@MarkSchmidty) July 14, 2015
Adobe has already given up on a previous version of Flash. In 2011 the company stopped updating the Flash Player for mobile devices. There was never an official cancellation of the project, and it’s still possible to install it, but it isn’t missed by many.
Mozilla’s Blocklist page for the Flash plugin urges users who are eager for the return of Flash to keep an eye on its plugin check page for updates, though the message notes that no updates are available at this time.
If you need to use Flash for any reason, or just want to be in charge of what plugins are and aren’t enabled in your browser, it’s possible to re-enable Flash at any time in the Firefox settings menu.