Posted by: Robert Westervelt
Adobe Flash, Firefox security, Mozilla security
Mozilla is coming to the aid of third-party vendors whose components are used in its popular browser.
Mozilla is releasing a new feature in Firefox that will warn users of the popular browser that their Adobe Flash plug-in is out of date.
The changes will come to the upcoming releases of Firefox 3.5.3 and Firefox 3.0.14.
Mozilla’s Human Shield, Johnathan Nightingale, announced the new feature in a blog entry last week:
Our intent is to get the user’s attention, and direct them to the Adobe website where they can download the most up to date version. For users who are already running the latest version, or who don’t have the Adobe Flash Player installed, the page will look very much like what they would normally see after a Firefox security update.
Nightingale said Mozilla hopes to provide similar checks for other third-party plug-ins in the future.
Adobe has been under fire of late for its patching processes. The software maker has had a slew of updates over the last year as attackers targeted holes in its popular PDF reading software and its Flash player in drive-by attacks.
Last month, Mickey Boodaei, the CEO of security vendor Trusteer criticized Adobe after a review of more than 2 million Trusteer users found that nearly 80% of Flash users were using a flawed version of the browser component two weeks after Adobe pushed out the patch.
By default, Adobe set its Flash component to check for a new version every 30 days, resulting in a patching delay when a security update is issued. Adobe has an extremely large install base so setting the update check for every day or every week could overburden its servers and cause even more problems.