To help us provide you with free impartial advice, we may earn a commission if you buy through links on our site. Learn more

Firefox blocks Flash, blasts Google for not doing same

Firefox Flash blocker

Flash blocked in Firefox over security concerns, as

Mozilla has blocked all versions of Flash in the Firefox browser, whilst its head of support has attacked Google for leaving millions of Chrome users exposed. The Mozilla team are reacting to yet more critical vulnerabilities in Flash that could allow hackers to take remote control of a PC.

Adobe’s Flash software is responsible for more security flaws than any other piece of PC software – including Windows itself – and has suffered dozens of critical flaws in recent years. The latest unpatched flaw has seemingly pushed Mozilla’s patience beyond its limit. “All versions of Adobe’s Flash Player plugin are currently deactivated by default, until Adobe releases an updated version to address known critical security issues,” reads an announcement on Mozilla’s support site.  

Users can still choose to override the block on Flash content in Firefox. Mozilla suggests that if customers need to run Flash on a trusted website, they should change their settings so that the software only runs when you click to activate it. (Mozilla provides instructions on how to do this on the link above.)

As Mozilla rushes to the moral high ground, the company’s head of support has attacked Google for leaving Chrome customers exposed to the flaw. Flash is baked into Google Chrome and Mozilla’s Mark Schmidt claims that leaves users of the popular browser vulnerable. “It’s day four of multiple critical Flash vulnerabilities and @googlechrome still hasn’t disabled Flash Player. wtf?” he tweeted

He continued the attack in replies to other users, telling one user: “If millions of people are infected this week via Flash on Chrome, then the line was drawn poorly. We’ll find out soon enough.”

In a statement issued earlier this week, Adobe said it was planning to release a patch for the critical flaws imminently. “Adobe is aware of reports that exploits targeting these vulnerabilities have been published publicly,” the company said. “Adobe expects to make updates available during the week of July 12, 2015.”

Many leading websites have now dropped the insecure, resource-hungry Flash in favour of HTML5 for multimedia playback. 

Read more