All previous versions, up until 18.104.22.168 of Adobe Flash are now in Mozilla Firefox’s blocklist.
This action was announced by Mark Schmidt, head of Firefox support in a twitter feed.
Few days prior to Mozilla’s initiative Facebook had also extinguished all Flash plug-ins as they were reportedly being used to spread malware to users’ systems.
Recently an Italian surveillance firm Hacking Team was hacked and 400GB worth of the company’s internal files, source codes and communications were leaked onto the Internet.
Three major Adobe Flash vulnerabilities were leaked via which your security system can be exploited. These vulnerabilities can also affect all versions of Flash on Windows, Linux and Macintosh systems.
Though Adobe has said that these issues will be taken care of by next week, Mozilla has put Adobe in their blocklist until all these vulnerabilities are assessed.
Firefox is now displaying a warning message on its plug-in management page about the vulnerability of Flash. All Flash plug-ins will either be set to “ask to activate” or “never activate”. Options to switch these states are not available as Adobe Flash is on the browser’s block-list.
Whenever a web page embedded with Flash-based content is opened Firefox will display a warning message in the browser.
Firefox has prevented the unsafe plug-in “Adobe Flash” from running on [website url].
This prompt will include options to allow the plug-in. if the option be selected then Flash content will begin to load as normal. Hence, it will ensure that the codes on the website can’t exploit the Flash vulnerabilities without while the user remains oblivious.
Firefox is now invested on training Shumway which is an HTML-5 based SWF renderer to replace the necessity of Flash.
It seems quite grim for Adobe as a major browser has shut off their old multimedia platform and is working on finding an alternative.