Mozilla Blocks Flash By Default Due to Serious Security Threats
The user still has the option to unblock Flash for individual sites, but overall Flash will not just run whenever it is called in the browser. As far as Mozilla is concerned, this is a necessary move for the security of their users.
Several bugs were unearthed in the dump of Hacking Team’s archives recently, and these were unpatched bugs that an attacker could take advantage of to compromise a Flash user in Firefox or any other browser. While Adobe says, it takes the bugs “very seriously,” no one wants to trust Flash at the moment. After all, Flash’s primary purpose has always been video on the Internet, and in HTML5, a video is possible without the use of Flash.
Anyone using Flash will have noticed the block by now. Although the user is afforded the ability to unblock Flash on any given website, at least they are aware that Flash will not execute without their permission. This should afford them some amount of security as compared with simply letting Flash run after these exploits have been made so public, there will likely be people trying to take advantage of them. The swath of the web population who still use Internet Explorer or some other browsers, like Chrome, will want to be wary of any site running Flash as well. There’s no telling how deep it goes. The bugs that were discovered were serious security vulnerabilities.
Hackers Find Trove of Tools
Hackers looking to build a bot net now have a serious upgrade in the range of their tools thanks to the Hacking Team dump. According to recent reports, the company’s code is now also out in the wild, meaning that clever hackers will be able to put together some rather powerful hacking tools, which have been sold to governments and large corporations in order to achieve certain goals on the Internet.
In addition to the tools and exploits published in the Hacking Team dump, their financial records were dumped, which detailed how they’d had dealings with private companies as well as nefarious and repressive governments. This illustrated Hacking Team as a heartless, indiscriminate group of mercenaries, rather than their previous narrative, where they had been some government helpers.
Companies like Mozilla have exposure when it comes to software such as Flash, and they have to limit it when exploits such as these are published. It seems that until Adobe is sure that Flash is fixed, and Mozilla is sure that Flash is fixed, that Firefox will block Flash by default.
Featured image from Shutterstock.