Earlier this week, news got out that Apple was shipping an outdated version of Adobe’s Flash Player with Snow Leopard; if you updated to a more recent version before the upgrade to Snow Leopard, you would receive a downgrade. This older version had security holes in it, so Adobe advised everyone to upgrade. The Mozilla team has now announced that Firefox 3.5.3 and 3.0.14 will include a Flash version checker.
Thanks to the near-ubiquity of the Flash plugin, it’s a very attractive attack vector for people with malicious intent. It has been shown that 80% of the people who have Flash installed are using an outdated version, so the Mozilla team has decided to take matters into their own hands, and will include a version checker in Firefox 3.5.3 and 3.0.14.
“Starting with the upcoming releases of Firefox 3.5.3 and Firefox 3.0.14, Mozilla will warn users if their version of the popular Adobe Flash Player plugin is out of date. Old versions of plugins can cause crashes and other stability problems, and can also be a significant security risk,” Mozilla’s Johnathan Nightingale writes, “For now our focus is on the Adobe Flash Player both because of its popularity and because some studies have shown that as many as 80% of users currently have an out of date version.”
The checker is not an integral part of Firefox itself, but is instead part of the “What’s new?” page after upgrading to the latest Firefox version. This page will inform users that their Flash version is out of date, and will direct them towards Adobe’s Flash site where they can download the latest version.
Mozilla will work with other plugin providers to build-in similar functionality for other plugins than Flash. Even though I’d rather see this as an integrated part of the browser, Firefox is at least taking the first proper steps to address the Flash issue.