How do I stop Firefox from blocking "outdated" versions of Flash?
I don't want the Overseers at Mozilla telling what versions of ANYTHING I must use. I make my OWN decisions about security. How do I turn off those annoying, useless and nanny-state warnings about Flash player being out of date? PLEASE don't answer with "Update Flash Player here." That conformist nonsense is not what I asked for.
Všetky odpovede (16)
Use Ask to Activate for Flash in the Add-ons Manager > Plugins. Then use Click to Activate for each page that you want to run Flash on. https://support.mozilla.org/en-US/kb/why-do-i-have-click-activate-plugins
Beyond that your choices are limited to updating Flash to a version that is deemed more secure, or using a different browser.
NOT solved.
the-edmeister said
Use Ask to Activate for Flash in the Add-ons Manager > Plugins. Then use Click to Activate for each page that you want to run Flash on. https://support.mozilla.org/en-US/kb/why-do-i-have-click-activate-plugins Beyond that your choices are limited to updating Flash to a version that is deemed more secure, or using a different browser.
The issue is that versions of Flash that was released before December 9 are Vulnerable as the updates address vulnerabilities that could potentially allow an attacker to take control of the affected system.
For Windows and Mac 16.0.0.235, 13.0.0.259 ESR and 15.0.0.246 are not vulnerable according to Adobe and are not on blocklist.
https://helpx.adobe.com/security/products/flash-player/apsb14-27.html https://addons.mozilla.org/en-US/firefox/blocked/
Get 16.0.0.235 and 13.0.0.259 ESR for Windows/Mac and 11.2.202.425 for Linux at https://www.adobe.com/products/flashplayer/distribution3.html
Your "vulnerable" is not MY "vulnerable. There is SO much paranoia at the geek level.
James said
The issue is that versions of Flash that was released before December 9 are Vulnerable as the updates address vulnerabilities that could potentially allow an attacker to take control of the affected system. For Windows and Mac 16.0.0.235, 13.0.0.259 ESR and 15.0.0.246 are not vulnerable according to Adobe and are not on blocklist. https://helpx.adobe.com/security/products/flash-player/apsb14-27.html https://addons.mozilla.org/en-US/firefox/blocked/ Get 16.0.0.235 and 13.0.0.259 ESR for Windows/Mac and 11.2.202.425 for Linux at https://www.adobe.com/products/flashplayer/distribution3.html
I'm with you. I'm infuriated. I update when I have time, not the instant Flash tells me too, in case that update breaks something else. They have NO right to have this set on default. So I say TURN IT OFF and let US choose the default or I will, after a LONG time preferring Firefox, bail out and find a browser that respects the USERS rights.
The risk is mine to choose. Not yours, Mozilla!
Just to clarify, I am not employed with Mozilla so please do not be mad at me.
Look Mozilla only resorts to blocking Plugin and Extension versions when they pose say a serious security, stability or even malware issues at time. https://wiki.mozilla.org/Blocklisting
https://addons.mozilla.org/en-us/firefox/blocked/
Other than the two recent blocks of the Flash Player Plugin the last time Mozilla had added any versions of Flash player in blocklist list was back in January and February 2013, some two years ago. This goes to show it is not minor reasons right now.
The recent Flash player updates was due to critical zero day exploits have been exploited in the wild and Adobe is trying to fix it. The recent security bulletins are at https://helpx.adobe.com/security.html however they do not seem to fully load at moment when it was fine earlier. However there is http://helpx.adobe.com/flash-player/release-note/fp_16_air_16_release_notes.html
Only Flash Player 16.0.0.296 and 13.0.0.264 ESR for Windows/Mac OSX and 11.2.202.440 for Linux are secure at moment. https://www.adobe.com/products/flashplayer/distribution3.html
Upravil(a) James dňa
Um, the "paranoia" isn't fake. Flash provides a serious vector of attack, and should always be kept up to date. there are no downsides to updating and I honestly have no idea why you wouldn't... http://arstechnica.com/security/2015/01/attack-for-flash-0day-goes-live-in-popular-exploit-kit/
I don't know why you wouldn't want to keep things up to date to have as many things playing on your side.... If there are known holes why don't you fix them when it takes 30 seconds and doesn't cost a cent.
Still NOT solved.
I'm sorry but the solution is to update. nothing is going to change that. Why don't you want to update?
try setting extensions.blocklist.enabled to false. That seemed to work for me.
Prior to that, I also went through an set the update URLs for pretty much all updates to a null string (that didn't seem to do much).
The problem is it's even blocking me on Adobe's own website when I DO go to update the player. It does no good to have an 'allow' or 'continue blocking' buttons because no matter how many times I hit 'allow' on the same page it comes back immediately. And that is just wrong. It's okay to warn me of a security threat. Feel free to flash it in bold lettering and have an 'accept the risk' button. But don't just make it impossible to use it at all, without instantly dropping everything to run to the website and update only to block it even on Adobe's own website!
I have 2 reasons for not allowing auto updating: One is I might be in the middle of something and not have the bandwidth or such to spare. The second is...sometimes one can't update. This happened to my old computer, where it no longer met the system requirements. Trouble is I had allowed 'auto update' and it updated anyway, breaking all the browsers and I couldn't roll back the Flash or the browser. So I no longer could use the internet even to seek out a replacement computer.
I always update my Flash when I've finished what I'm doing and can be sure to double check those system requirements. I learned the hard way about letting them do it for me.
themanmulcahey said
try setting extensions.blocklist.enabled to false. That seemed to work for me. Prior to that, I also went through an set the update URLs for pretty much all updates to a null string (that didn't seem to do much).
This seems to work! Thanks.
Sorry but this is not a appropriate solution. This is a "Use at your own extreme risk".
There is a reason why none of the regulars who saw this thread suggested to toggle this preference to false. By toggling it to false this then means every version of the Plugin and Extensions listed in https://addons.mozilla.org/en-us/firefox/blocked/ will then be able to run and install in Firefox. They were on blocklist for serious reasons especially for security, malware and stability (crashing, freezing etc) issues that could not be ignored.
https://wiki.mozilla.org/Blocklisting
For Flash except for recently in last couple months, it had not been added to list since Jan/Feb 2013 as this time it was due to very critical security concerns. https://addons.mozilla.org/firefox/blocked/
James said
Sorry but this is not a appropriate solution. This is a "Use at your own extreme risk".
James, why did you feel the need to butt in? The question was answered. Your comment is redundant (see, e.g., the previous Chicken Little unhelpful responses above) and condescending. Try letting go of your fears once in a while. You'll be happier, and more people will like you.
There. How do YOU like being criticized needlessly?
sjduskin, updating it's redundant or condescending, it's the truth. Security holes in products like Flash aren't anything to joke about, it's serious and a major cause of malware. Please take your incorrect opinions somewhere else. Anyone who knows anything about internet security will tell you that you are incorrect.