Mozilla Firefox Web browser intends to improve users` security and ensure faster page loading by blocking certain Flash Player content.
The idea of this change lies on the fact that plugins, such as the popular Adobe Flash Player, often bring up stability, performance, and security issues for browsers. From next month on, Firefox will block any non-vital for the users Flash content. The company states, though, that the legacy Flash content will still be supported by the browser.
The Flash Player plugin has opened many doors to cybercriminals by being one the most vulnerable pieces of software. They have been kicking it around for drive-by-downloads and many other versions of compromise. Adobe has started the patching process fixing the most critical flaws in the plugin. Zero-days, which have already been used in attack by APT groups, were also on the patching-need list.
To prevent any compatibility issues that might occur, Mozilla will start by blocking only a short list of Flash content which can be replaced with HTML. However, the expectations are 10% reduction of Flash-related crashes and hangs. Moreover, the company plans to gradually widen the list in time.
“Later this year, we plan to expand this list to include the use of Flash to check content viewability, a common practice to measure advertising,” blogged Benjamin Smedberg, Engineering Manager at Mozilla.
According to Smedberg, this operation will not only lead to better page load times but it will also improve security battery life and browser responsiveness.
“Firefox is set to implement the equivalent HTML Intersection Observer API later this year.” explains Smedberg and advises all Flash using content producers to download the new API when it is ready.
More changes are on the Mozilla`s next year list. Click-to-activate approval will be demanded from users without which the Flash plugin will not be activated to display connect. Therefore, websites using Flash of Silverlight for games and videos are strongly advised to adopt HTML technologies. Encrypted video playback using Adobe Primetime and Google Widevine as alternatives to plugin video is already supported in Firefox.
“These changes are part of our ongoing efforts to make browsing safer and faster without sacrificing the Web experiences our users love. As we announced last year, Firefox plans to drop support for all NPAPI plugins, except Flash, in March 2017,” adds Smedberg.
Google Chrome browser, according to experts, will also follow the steps of Mozilla and start blocking Flash content. It will replace Flash with HTML5 and users will be asked to accept Flash only if necessary.
In February, Google reported that as of July 2016 no more Flash adds will be accepted and that it would stop displaying them in the early 2017.
