The Hacker News Logo
Subscribe to Newsletter

Firefox 17 Beta Released with Click-to-Play Plugins for blocking vulnerable Plugins

Last week, Mozilla announced it will prompt Firefox users on Windows with old versions of Adobe Reader, Adobe Flash, and Microsoft Silverlight, but refused to detail how the system will work. Finally today Firefox 17 is now in beta and with it is a very cool feature, click-to-play plugins.

When a user lands on a site that requires the use of a plugin, say Adobe Flash, if the version running in the user's browser is on the list of known vulnerable applications, Mozilla will disable it and show the user a message saying that she needs to update the plugin.

"By combining the safety of the blocklist with the flexibility of click-to-play, we now have an even more effective method of dealing with vulnerable or out-of-date plugins." Mozilla wrote on blog. Mozilla is still working on implementing the controls, which would allow you to block all plugins by default and then pick where you want them to run.

As already mentioned, this feature will be enabled by default in Firefox 17. There is, however, an about:config preference “plugins.click_to_play” that can be set to true to enable click-to-play for all plugins, not just out-of-date ones. Mozilla says it is still developing this part.

The main motivation behind this plugin is to prevent users’ systems against drive-by attacks that target vulnerable plugins.

Subscribe to our Daily News-letter via email - Be First to know about Security and Hackers.

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.