Adobe has patched two zero-day vulnerabilities in Flash discovered in documents uncovered in the cyber-attack on controversial surveillance tools developer Hacking Team.
The two ‘critical’ flaws (CVE-2015-5122 and CVE-2015-5123) were the 37th and 38th Flash vulnerabilities found in the month of July so far and had led to Mozilla block all versions of Flash in Firefox until an update was released, claiming it was too dangerous to run by default.
Mozilla’s decision was the latest piece of negative publicity for after Facebook’s new chief security officer Alex Stamos called on Adobe to set an end of life date for the much-maligned plug-in due to the sheer number of security threats.
It is unclear when the Mozilla will lift the block on Flash, but Mark Schmidt, head of Firefox support at Mozilla, did say on Twitter this would happen once a patch had been released.
“To be clear, Flash is only blocked until Adobe releases a version which isn’t being actively exploited by publicly known vulnerabilities,” he said in a Tweet yesterday.
TechWeekEurope has asked Mozilla when Flash might be re-enabled but had not received a response at the time of publication.
Are you a security pro? Try our quiz!
After huge fine, Meta launches 'Facebook Marketplace Partner Program' so rival service providers can list…
New research from Freshwave finds a better mobile signal indoors could grow the UK economy…
Elon Musk says he will abandon $97.4 billion offer to buy the non-profit behind OpenAI…
Apple Intelligence in China is reportedly not going to utilise OpenAI's ChatGPT, after Alibaba confirmed…
Labour's business secretary Jonathan Reynolds to set out ‘strategic steer’ for UK competition regulator, after…
Discover how AI is transforming mobile devices into intelligent companions. From predictive analytics to accessibility…