How can I prevent Firefox from checking whether Adobe Flash is up to date?
I just updated Flash a week ago and already Firefox is prompting me to replace the update with the message "Firefox has prevented the outdated plugin Adobe Flash from running on" (etc.) How can I prevent Firefox (I'm using version 35.0.1) from running this check forever?
All Replies (20)
Hi, I know it's annoying because there has been a lot recently, but you are getting those messages because Shockwave flash is out of date, and vulnerable to attack, so you really should update to the latest version (16.0.0.305).
If you can't update within Firefox for any reason, you can go to the Adobe website here.
If you receive a satisfactory answer, please help others having a similar problem, by marking it as 'Solved.'
Better to get it from http://www.adobe.com/special/products/flashplayer/fp_distribution3.html so you do not risk getting McAfee or sunch bundled.
Also Plugins are not installed in Firefox (but on system) so it cannot do Plugin updates.
Scribe_uk, nobody else tries to convince the OP to mark their post as solution.
James trɔe
Thank you for responding, Scribe_uk and James, but I already KNOW where to get the latest standalone Flash executables, and how to update the necessary components in my portable Firefox install (which is why that wasn't my question). I want to stop Firefox from CHECKING -- or at least to stop requiring me to click the "Allow" button before accessing EVERY SINGLE VIDEO. Is there a way?
hello, i don't really understand the question... when you don't want to activate flash for every instance, but already know how to update to a version of the plugin (with fixes for the vulnerability floating around), then you already have the solution to that problem at hand!
James said' Scribe_uk, nobody else tries to convince the OP to mark their post as solution.
It wasn't directed at my post in particular - just though it would help others to know if something worked, because not many users seem to mark questions as solved, but won't add it again - no problem.
philipp said
hello, i don't really understand the question... when you don't want to activate flash for every instance, but already know how to update to a version of the plugin (with fixes for the vulnerability floating around), then you already have the solution to that problem at hand!
Perhaps I should have worded it better: I want to disable the annoying "feature" that requires me to press an extra button every time I encounter a video until Flash is updated.
Try this, but I'm not sure that it will work (I'm trying myself): Go to the addons manager, click the gear button at the top-right of the page, and deselect "Update Add-ons Automatically". This might work for the next time a new Flash update appears, but not for the current one.
Just remember to manually check for updates from the same button when you are in the mood of updating them.
ShiraRead trɔe
Hi, I can't recommend this, but type about:config into the address bar, press Enter, accept the warning about dragons, scroll down to extensions.update.autoUpdateDefault and double click on it to change from True to False. (You can revert back in the same way).
Hope that answers your question and will do what you want.
Scribe trɔe
I want to point out that for all intents and purposes, Scribe_uk's solution is the same as mine. These are just 2 different ways of changing the same setting.
ShiraRead trɔe
Unlike Extensions and Themes which are installed in Firefox, the Plugins like Flash, Java, Quicktime are installed on system and Firefox is making use of them unless you select Deactivate on any.
So Firefox can neither uninstall or update Plugins.
James trɔe
"Add-ons" is a mis-leading term, regarding what appears in the Add-ons Manager tab. "Addons" includes Extensions, Search Engines, Themes (Appearance), User Scripts, Styles, and Services - all of which the "Updates" can be controlled by Firefox preferences. "Plugins" are shown in the AOM too, but unlike the others, Firefox has no control over updates for Plugins. As James mentioned, Plugins aren't installed within Firefox as the other categories of "Add-Ons" are - and updates are controlled by the application that installed the Plugin that Firefox uses from each application's own set of folders or wherever in Windows files the Plugin is placed by the installer.
IMO, the biggest problem with Flash is that it is set by default to only look for an update once a month. So when Adobe updates Flash multiple times a month (3 "updates" in January alone) the Flash updater can'r catch each update as it occurs, or even within an acceptable "window of time". A user might "fall behind" as many as 3 new version releases quite easily.
As far as clicking to "Allow" each video when you're behind a version or two with Flash, at least Mozilla does a "soft block" and permits you to "Allow" - a "hard block" would make it impossible to use Flash at all. And "yes". Mozilla can do" a "hard block" when necessary.
In conclusion, Flash is a dying technology, which deserves to be buried. It is too "exploitable" by the "bad guys". All the recent "updates" are for security patches for fixing "holes" in Flash and stability fixes to an old application that "has seen better days" (like 10 years ago). HTML5 Video looks like the future. Use it where you can, like at YouTube which gives you a choice for many videos they host - but you you need to enable that feature in Google preferences or all you're liable got get is Flash videos. With other websites, their users need to tell them that they want HTML5 videos only.
the-edmeister we are trying to stop Firefox from checking whether Flash is up to date or not so that we don't have to manually allow Flash when we decide to keep the outdated version.
If the option I mentioned does not do that, and there is no way of doing that, then this is a privacy concern, Because that means FF is connecting somewhere -without our permission- to check which version is the latest compared to ours.
firefox is accessing a list of of vulnerable plugins, malicious addons and crashy graphics drivers on regular intervals to blocklist those items. the comparing is done locally on your machine, so this should not be a privacy concern...
philipp, it is a privacy concern if there is no way to disable this behaviour because FF is calling somewhere -home I guess- with "Hello! this is my IP, I'm a Firefox user!", in cases like this against the will of the user.
EDIT: Nervermind, I think I found the solution:
In about:config search for extensions.blocklist.enabled and set it to false.
Just know it's a real security risk: http://kb.mozillazine.org/Extensions.blocklist.enabled
Alternatively extensions.blocklist.interval can be used to make it not to do it so often: http://kb.mozillazine.org/Extensions.blocklist.interval
ShiraRead trɔe
ShiraRead said
In about:config search for extensions.blocklist.enabled and set it to false. Just know it's a real security risk: http://kb.mozillazine.org/Extensions.blocklist.enabled Alternatively extensions.blocklist.interval can be used to make it not to do it so often: http://kb.mozillazine.org/Extensions.blocklist.interval
Thanks, I think that fixed it.
ShiraRead said
philipp, it is a privacy concern if there is no way to disable this behaviour because FF is calling somewhere -home I guess- with "Hello! this is my IP, I'm a Firefox user!", in cases like this against the will of the user.
Maybe you are trying to stop the good guy instead of the bad guy here.
You really need to keep comupter software up todate. Updates often include securityfixes that are there to protect your computer and private data.
Do you use AntiVirus software ? Are you going to suggest there is no need to keeep that up to date, because in my opinion if it is outdated it is hardly worth using.
Adobe the FlashPlayer people are publicly announcing they have found and are fixing or have fixed security holes. Recently some of those have not been mere theoretical risks. They have been vulnerailities known to have been exploited in the real world.
Upadate Flashplayer to stay safe, or uninstall it and have no worry about sending your IP address to Adobe.
As for Mozilla Firefox here are the privacy policy etc. links
wallywalters said
ShiraRead saidIn about:config search for extensions.blocklist.enabled and set it to false. Just know it's a real security risk: http://kb.mozillazine.org/Extensions.blocklist.enabled Alternatively extensions.blocklist.interval can be used to make it not to do it so often: http://kb.mozillazine.org/Extensions.blocklist.intervalThanks, I think that fixed it.
That answer is not a good solution. As ShiraRead warned, disabling the blocklist is a real security risk. Besides a "click-to-play" block of unsafe Flash versions, the blocklist also prevents other vulnerable plugins from running automatically and also blocks malicious extensions and crash-prone graphics drivers (see Blocklist updating for related links).
To stay safe, you should re-enable the blocklist. Also make sure that Adobe Flash is set to automatically update. See Flash Player Help / Background updates and Flash Plugin - Keep it up to date and troubleshoot problems for more information.
AliceWyman said
wallywalters saidShiraRead saidIn about:config search for extensions.blocklist.enabled and set it to false. Just know it's a real security risk: http://kb.mozillazine.org/Extensions.blocklist.enabled Alternatively extensions.blocklist.interval can be used to make it not to do it so often: http://kb.mozillazine.org/Extensions.blocklist.intervalThanks, I think that fixed it.
That answer is not a good solution. As ShiraRead warned, disabling the blocklist is a real security risk. Besides a "click-to-play" block of unsafe Flash versions, the blocklist also prevents other vulnerable plugins from running automatically and also blocks malicious extensions and crash-prone graphics drivers (see Blocklist updating for related links).
To stay safe, you should re-enable the blocklist. Also make sure that Adobe Flash is set to automatically update. See Flash Player Help / Background updates and Flash Plugin - Keep it up to date and troubleshoot problems for more information.
I don't mind if disabling the blocklist is a real security risk as long as it isn't a real real security risk.
It is a real real security risk. It puts you at risk from known real exploits that are being used now. It puts you at risk from future risks that are considered important enough to qualify as needing blocking.