Mozilla is blocking the Adobe Flash Player from automatically running in its Firefox Web browser until an update is released to address concerns about its security. Flash is a common software used to view videos, GIFs, and animations in web browsers. It is supported by most Web browsers including FireFox, Safari, Internet Explorer, and Chrome.
The Mozilla Foundation, which makes a number of free-to-use email, Web-browsing, and mobile services, announced it would start blocking the use of Flash Player by default on Firefox in a threat advisory. "Following Adobe’s advisory for two critical vulnerabilities in Adobe Flash Player 220.127.116.11 [the latest version of Flash] and earlier versions for Windows, Macintosh and Linux, we have disabled Flash by default in Firefox to protect our users from active exploits which are distributing malware,” Mozilla director of product management Chad Weiner told Business Insider.
The vulnerabilities in question were uncovered in the wake of the high-profile Team Hacking leaks. The leaks occurred on July 6 when a group of hackers infiltrated Italian surveillance firm Team Hacking—which creates and sells spy software.
The hackers published 400GB of allegedly stolen Team Hacking data online, including the source code of the firm’s spy tools and what software vulnerabilities they exploited. The exploits targeted included the Adobe Flash flaws mentioned by Mozilla. The security flaws led to a backlash against Adobe, after it was discovered criminal groups have begun using the Flash bugs in their cyber scams.
Facebook’s new chief security officer Alex Stamos led the charge against Flash and called for Web browsers to “announce the end-of-life date for Flash and to ask the browsers to set killbits on the same day,” on Monday.
Stamos is one of many professionals to call for an end to Flash. Deceased Apple co-founder Steve Jobs famously hated Flash and worked hard to keep it from running on iPhones and iPads during his tenure as the company’s CEO.
Mozilla’s Weiner confirmed the current block is not permanent and the firm plans to stop blocking it when Adobe fixes the software’s security. “Adobe is expected to release an update to Flash sometime this week. This new version of Flash will be activated in Firefox by default," he said.
A Mozilla spokesperson declined to comment the firm would ever consider permanently blocking Flash Player, telling Business Insider the firm “has nothing to add for the moment.”
Business Insider has reached out to Adobe for comment. Business Insider also reached out to Microsoft and Google’s security teams to see if they are also considering blocking support for Flash, but similarly had not received a reply at the time of publishing.
In the past, Mozilla has been proactive and aggressive when dealing with insecure products, or technologies it feels are invading on its customers’ privacy. Mozilla used a solution developed by privacy advocate and Stanford lecturer Jonathan Mayer to turn off third party cookies in Firefox on May 2013. Cookies are pieces of code websites drop into your browser when you visit websites. They are used by advertisers to target you with adverts.
The European Parliament imposed laws, forcing websites dropping cookies to alert visitors they are doing it in 2012.