Created attachment 8503032 [details] Untitled 2.png User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.124 Safari/537.36 Steps to reproduce: 1. Firefox blocks old versions of plug-in, when it finds in the computer. 2. But It still allows to run the old version plug-in by using the User Interface which is a security vulnerability. Actual results: Firefox is allowing to run the old versions of plug-ins by using the User Interface which is a security vulnerability. Since the Impact of plug-in security vulnerability is very high, Firefox should not support old versions of plug-ins permanently. Thanks Chandra Mohan Expected results: Firefox should not support old versions of plug-ins permanently.
Hi Firefox should run the plug-ins only if it is up-to-date. This would be the complete fix for the vulnerabilities in plug-ins. Thanks
Marking the plugin as click-to-play is the tradeoff we put in place to try and nag users into upgrading while recognizing that in some cases it may not be possible. We do not plan on changing this behavior.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 4 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.