Relaymedia

Mozilla Re-Enables Flash On Firefox Web Browser Following Security Updates Release

( [email protected] ) Jul 17, 2015 01:43 PM EDT
Mozilla has re-enabled Adobe Flash Player on its Firefox web browser following the release of security updates.

Mozilla has re-enabled Adobe Flash Player on its Firefox web browser following the release of security updates.

"A few days ago we were notified of two vulnerabilities within the Flash Player that could potentially allow an attacker to take control of an affected system," Adobe said in a statement.

"Upon investigation, we confirmed and fixed the issues, and took steps to ensure that this class of attack cannot be used as a future attack vector."

According to The Register, the security issue appears to have re-energized efforts at Mozilla to work on Flash alternatives.

Chad Weiner, director of product management of Mozilla, said that while Mozilla is glad Adobe fixed the vulnerabilities, Mozilla will "continue to work with developers to encourage adoption of safer and more stable technologies, such as HTML5 and Javascript, and we look forward to helping drive that conversation."

All versions of Flash were blocked within Firefox by default early this week following widespread reports of serious security issues.

Mark Schmidt, head of Firefox Support, announced the move on Twitter.

Flash was back up after Adobe released a patch to fix the vulnerabilities which were discovered after a breach on surveillance software firm Hacking Team.

Adobe has reportedly been under siege after three serious Flash vulnerabilities were discovered in the firm's internal documentation, a report by Techspot said.

A TNW News report also said that a product source code was also leaked online.

The Hacking Team has reportedly been using Flash to sneak into people's computers and load spyware onto them, a CNN report said.

Mozilla said it decided that this is the best course of action on the advice of security experts who suggested to either uninstall Flash Player or switching to a click-to-play activation method.

Experts added that one of the ways to prevent attackers from exploiting Flash vulnerabilities is to cut off access.

Facebook's head of security had urged Adobe to kill Flash, but analysts say it might be too late to rescue its ageing multimedia platform.

Alex Stamos called for the disabling of Flash as the plugin is reportedly being used to spread malware.

"It is time for Adobe to announce the end-of-life date for Flash," said Stamos on Sunday following the reported breach on the Hacking Team's files.

According to Techspot, Mozilla may end up re-enabling Flash in Firefox, but would have to disable it again when another security issue is discovered.

"It might annoy those who play Flash-based games or videos in their browser, but perhaps the best course of action really is to have Adobe kill off Flash once and for all," the report said.

The Register saidF-Secure reported a "clear increase in Flash exploits" since the Hacking Team attack became public last week. One of the most recently fixed Flash flaws - CVE-2015-5122 - was incorporated into at least two exploit kits.

Adobe chief spokesman Wiebke Lips said blocking the vulnerable versions of Flash Player encourage users to upgrade