Plugin block request: Adobe Flash player version and earlier




a year ago
7 months ago


(Reporter: jorgev, Assigned: jorgev)


Firefox Tracking Flags

(Not tracked)





a year ago
Version and earlier of the Flash plugin are vulnerable and an active exploit exists for them in the wild:

Comment 1

a year ago
The block is now staged. Bogdan, can you please test and then ping :TheOne to have it deployed? (I'll be traveling tomorrow)
Flags: needinfo?(bogdan.maris)

Comment 2

a year ago
Since this only affects ESR and Flash blocks are simpler now, let's skip the QA step. Sorry for the noise. Andreas, please push this block live.
Flags: needinfo?(bogdan.maris) → needinfo?(awagner)
The block is now live.
Last Resolved: a year ago
Flags: needinfo?(awagner)
Resolution: --- → FIXED
Comment hidden (admin-reviewed)

Comment 6

11 months ago
When a user hits "Allow and remember...", it comes up after every relaunch.

Where can I post for feedback on how to stifle this block for all our thousands of users?

Reason, updates to Adobe Flash have to go through a stringent Change Control process in enterprise, so we can't update yet.


Comment 7

9 months ago
FF 58.0.2: going to Add-ons Manager, I'm told that "Shockwave Flash is known to be vulnerable and should be updated. [Update Now]". But when I click "Update Now" the resulting page is blocked because it has Flash content on it! This is not a useful interaction since I'm told to update but the update page is blocked.

Current flash version is 21.0.r0.

Comment 8

9 months ago
Plugin blocks should link to, which doesn't require Flash to work.
You need to log in before you can comment on or make changes to this bug.