FireFox Update will Block all Plugins by Default Except Whitelisted Plugins
Mozilla FireFox, the second biggest browser in the world is maximizing their security. To improve browser stability, performance, and security Mozilla will block all plugins by default. Now before the word “block” sounds as if it will restrict this browser in anyway it will not. Mozilla will turn off plugins from running automatically.
What does this mean? When Mozilla FireFox (or any browser today), visits a website such as Youtube, the browser automatically executes Flash player. Flash player then allows the video to be played. This is with any plugin such as Java, VLC, audio plugins and many more. Pages will load automatically executing plugins be default. Mozilla FireFox is going to change all of this in their next update.
Mozilla FireFox will be implementing ‘Click to Play’. Click to play will prompt users to see if they want to execute plugins. Many hackers will use exploits that abuse the automatic execution of plugins. A hacker may upload a file to a website that can infect Java, a user then visits the website and the browser will automatically execute java. That person will then in turn be infected through that java exploit, and the hacker didn’t have to physically execute any program on the victims computer as the browser did it automatically. Click to Play will stop all plugins from running automatically except whitelisted plugins.
Some plugins will be on the list by default, Java not begin one of them. As many users don’t update their Java application hackers abuse exploits up to a year old and can still infect hundreds of thousands of users. Surprisingly Flash player will be on the whitelist. Mozilla’s team stated “security and plugin teams work closely with Adobe to make sure that Firefox users are protected from instability or security issues in the Flash plugin“. While Adobe products are exploited quite often, it appears Mozilla has trust in Adobes products enough to whitelist them.
While Mozilla FireFox is the preferred browser for privacy, it seems it will now be getting a bit more secure. Be sure to keep Java, Abode, and browsers always up to date to stay safe from exploits, and hackers.