Topic: What's with this ongoing war between Mozilla and Adobe?

[Chrystal]

I doubt if I'm the only person to have noticed this:

Every so often, Firefox tells me that the plug-in Adobe Shockwave Flash Player is out of date and vulnerable, and needs to be updated.

So I update it. All is well for a bit, and then I get a message saying that Firefox has prevented Shockwave from running because it is out of date and vulnerable....

So I update it. All is well for a bit, and then I get a message saying that Firefox has prevented Shockwave from running because it is out of date and vulnerable....

So I update it. All is well for a bit, and then I get a message saying that Firefox has prevented Shockwave from running because it is out of date and vulnerable....

So I update it. All is well for a bit, and then I get a message saying that Firefox has prevented Shockwave from running because it is out of date and vulnerable....

... You get the picture?

What is going on? Surely Adobe must realise that Firefox are claiming their plugin is vulnerable, and surely they must have fixed the vulnerability? So why does this cycle keep on repeating itself? Is Mozilla deliberately putting something in each of their new releases that makes Shockwave vulnerable so they can disable it? If so why doesn't Adobe do something about this?

[Vekseid]

It's because Flash is so notoriously insecure that this is the only way Firefox can reasonably be expected to protect you. I'm not sure what else needs to be said - Adobe desperately wants to end-of-life Flash. Eventually, it will no longer be supported by any browser.

[Chrystal]

Thanks, Veks. That makes sense, but doesn't explain why Adobe keep issuing upgrades that "temporarily remove" the vulnerability. Surely if they don't want to use .fsh files any more all they have to do is s say "Sorry folks, we're no longer supporting this format", and withdraw all support?

[Vekseid]

If it's happening each day something might be wrong, but flash gets vulnerabilities really frequently. : /