Slashdot Mirror

← Back to Stories (view on slashdot.org)

Mozilla To Protect Adobe Flash Users

Posted by Soulskill on from the helping-those-who-don't-help-themselves dept.

juct writes "Beginning with versions 3.5.3 and 3.0.14 of Firefox, Mozilla is going to check the version of installed Adobe Flash plug-ins and warn users if it discovers an outdated version with potential security holes. Mozilla confirmed this new security feature and said that the Flash version check was part of a wider commitment to 'protect users from emerging threats online.' Just recently, a study confirmed that 80 per cent of users surf with a vulnerable version of Adobe's plug-in."

17 of 132 comments (clear)

  1. Guaranteed to work by Norsefire · · Score: 4, Insightful

    "WARNING!! The version of Adobe Flash you are using is out of date and contains security holes, please upgrade by clicking here ..."

    Oh dear, I don't understand what this means. Luckily my son, who got sick of me ringing him for computer help, told me what to do whenever I encounter a box I don't understand; click the X, or click cancel, or ignore. Now back to clicking on every ad I see.

    Of course, that isn't likely to happen. It would be more like:

    WARNING!! The version of Adobe Flash you are using is out of date and contains security holes, unfortunately you are using Internet Explorer so there is no warning.

    1. Re:Guaranteed to work by RiotingPacifist · · Score: 4, Funny

      ctrl+shift+P FTW, that way nobody has every found out that i like gay midget donkey porn!

      --
      IranAir Flight 655 never forget!
    2. Re:Guaranteed to work by Midnight+Thunder · · Score: 3, Interesting

      Oh I thought it should have been:

      "Warning: You are using Adobe Flash, are you sure this such as good idea? How about some nice Dynamic SVG?"

      --
      Jumpstart the tartan drive.
    3. Re:Guaranteed to work by Hurricane78 · · Score: 3, Insightful

      You contradict yourself twice in that little paragraph. What point is it you are trying to make?? ^^

      I think they will simply click on that OK to upgrade, as they click on everything else. To support that, just make the cancel button look small, scary, not recommended, with a sick face and a burning computer on it, and make the OK button 80% of the rest of the dialog, and make it look like a "red cross love palace for health, safety and happiness".
      I'm serious!

      Also, here in Germany, most people use Firefox, you insensitive clod! :P

      --
      Any sufficiently advanced intelligence is indistinguishable from stupidity.
    4. Re:Guaranteed to work by Late+Adopter · · Score: 4, Funny

      "Warning: You are using Adobe Flash, are you sure this such as good idea? How about some nice Dynamic SVG?"

      That'd be great! Do you have any? This, ummm, isn't my website, you know. =P

    5. Re:Guaranteed to work by thanasakis · · Score: 4, Insightful

      Have you ever actually tried writing some nice dynamic svg?

    6. Re:Guaranteed to work by Dragonslicer · · Score: 4, Funny

      How the fuck does a post that consists of incoherent rambling get modded up?

      Um, this is Slashdot. You have been here before, right?

  2. Presumably by drseuk · · Score: 5, Funny

    the remaining 20% don't use Flash then?

  3. And Good For Them! by Toad-san · · Score: 4, Interesting

    I've found replacements for Adobe Reader and Real player (Foxit and Real Alternative), but couldn't find a replacement for the Flash player (alas).

    This is better than nothing. I have Flash (and all other scripts) turned off by default in my Firefox browser, but am still forced to use it to see some things.

    Yeah, I know the troglodytes won't understand the warning, but it might give them the slightest clue that something's wrong.

  4. Re:Does flash not already do this? by postmortem · · Score: 4, Informative

    It does, sometimes on system startup; however it only installs updated plugin for Internet Explorer.

  5. Automatic updates by chrisgeleven · · Score: 4, Interesting

    I am really surprised browser makers aren't doing automatic updates for plugins like Flash. That is really the only way to keep them up-to-date.

  6. Yeah, I got that. by thePowerOfGrayskull · · Score: 5, Informative
    Signed up for beta/testing FF updates. I get notified by FF that adobe is out of date. I click to install it. And lo! what installs? Not Flash... but some crappy Adobe Download Manager plugin whose sole purpose seems to be to download and install Adobe products. The Flash update did not ever download, even after FF restart.

    Broke my own first rule on this one -- never download anything you're not 100% certain of - but it's still frustrating. If FF tells me it's taking me to install Flash, I think I should be able to trust that Flash is what I'm going to get.

  7. swapping one exploit for another by Anonymous Coward · · Score: 3, Interesting

    swap one exploit for another
    http://www.google.com/search?hl=en&q=%22Adobe%20Download%20Manager%20%22%20exploit

    wtf is wrong with Adobe ? whats wrong with just providing the plugin and nothing else ?
    i should also rant at Sun for installing their fkin Yahoo toolbar/spyware accross our corporate network on every Java monthly update or installing their quickstarter/net assistant Firefox plugins without permission,then there is Apple with their forcing "Safari" (another exploit vector) as a pre-ticked update on their Quicktime updates WTF ? , google installing scheduled phone-home tasks every 15min with any bit of software they install
    really just fuck off, fuck right off

    is it any wonder with this despicable behaviour from major software companies with their "update" software is abused as a "install more crap" service that people dont update their plugins/software for fear of getting crap that they didn't ask for therefore exposing themselves to all these vulnerabilities or more if they do install it

    perhaps when they get tagged as badware and spyware their behaviour might change
    or maybe a good old million dollar class action lawsuit might

  8. Re:Does flash not already do this? by A+Friendly+Troll · · Score: 4, Informative

    I have never had Flash notify me that it needs an update. Ever. The only time I've seen the notification was on a single computer at the office.

    A few days ago I was given this link http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager05.html - I think it was somewhere on Slashdot, either in the article, or in the comments. Sure enough, I went there, and Flash was set to never notify me of updates.

    Worth checking out.

  9. Re:Gnash? by RiotingPacifist · · Score: 3, Interesting

    Switching is too much of a PITA, if gnash works for 70%+ of content and i could easily load adobe for the other 30% (new games etc), i would switch too! Unfortunatly on linux switching requires me to run a script and restart firefox. Ideally gnash could chainload adobe flash but the devs probably hate the idea of accepting partial defeat, unfortunatly until they do its too much of a PITA for day to day use!

    --
    IranAir Flight 655 never forget!
  10. Re:Drunk the Kool-Aide by RiotingPacifist · · Score: 3, Funny

    I'm sorry in future we will try and make all releases of software perfect and not release until we are 100% sure no vulnerability will ever be found

    ~the hurd team

    --
    IranAir Flight 655 never forget!
  11. Re:Does flash not already do this? by Sulphur · · Score: 3, Funny

    We are sorry, this page is designed to work with version 8 or greater. You are using version 10.