Firefox Will Start Warning Users of Outdated Flash, Reader and Silverlight

Users won’t be forced to update, but will be notified of the potential threat

By on October 6th, 2012 12:31 GMT

Mozilla is making good on plans to issue warnings to users running old and vulnerable versions of several plugins. The idea is to make it clearer to users that they have unsafe plugins installed, but Mozilla won't force users to do anything and they can ignore the warnings if they want.

"Firefox users who have outdated versions of the most popular plugins will soon see a notification urging them to update when they visit a web page that uses them," Mozilla's Jorge Villalobos, who handles add-on developer relations, wrote.

"Old versions of Silverlight, Adobe Reader and Adobe Flash on Windows are covered by this," he said.

Only the three plugins are targeted and only on the Windows platform. Mozilla has already announced its intention to do this and is now putting the plan in motion.

Firefox users have been able to rely on Plugin Check to test whether the plugins they use are up to date. But this was a voluntary action and few people even knew it was possible, the least of all the people more likely to have outdated plugins.

There are no details on what the warnings will look like, the precise versions of the plugins that will be targeted, or even on when exactly Mozilla will start issuing these warnings.

"While you are free to ignore the warnings and continue using your old plugins, we strongly recommend that you go to our Plugin Check page and update them as soon as possible," Villalobos also said.

"Old plugin versions can cause stability problems and are potentially insecure. Keeping them up to date will ensure that you have a great Firefox experience," he added.

Google Chrome already does this for some old plugins. Unlike Google Chrome though, Firefox will not disable the plugins by default, it will just notify users of the danger.

Mozilla already regularly blocks vulnerable plugins when the threat is large enough, i.e. the vulnerabilities are actively exploited in the wild.

3 Comments