Latest Flash Player Preview Adds Protected Mode Features for Firefox

This article provides a nice, quick overview of some of the security features that will be available in the new, soon-to-be-released version of Adobe Flash.

Popular web browser plugins like Flash Player or Java are a prime target of malware and hackers. The core reasons are simple: Lack of centralized updating and little to no protection of the underlying system if the plugin has been compromised.

Changes have been introduced, but only in select browsers at this point of time. Google Chrome for instance uses sandboxing technology and automatic updates to keep users secure. The global updater that other web browsers use on the other hand is not nearly as thorough when it comes to downloading and applying updates as soon as they get released.

Adobe today has released a new Flash preview version for the Windows operating system that contains a new feature for the Firefox web browser.

Flash Player Protected Mode aims to limit the impact of Flash based attacks in Firefox on Windows systems. The new Flash Player feature is compatible with Firefox 4.0+ on Windows Vista or higher. Only a 32-bit version of the Flash Player release is available for download.

The security mode is automatically enabled when users view Flash Player files in the Firefox web browser. Flash contents are executed in a restricted environment that prevents attacks from reaching the operating system or other applications. It is basically a sandbox comparable with Google Chrome’s sandboxing technology, Protected Mode in Adobe Reader, and Protected View in Office 2010.

Firefox users running the new version will notice that two processes are started whenever Flash contents are accessed in the web browser with Protected Mode enabled.

flash player incubator

Adobe notes that these are the “broker and sandbox” processes which only run if Protected Mode is enabled. These are child processes of the plugin-container.exe process if enabled in the browser. Plugin-Container adds crash protection to the browser.

The Flash Player Protected Mode version for the Firefox browser has known issues. On 64-bit Windows systems for instance, a right-click on Flash contents causes Firefox to hang. Here is the list of known issues.

  • Flash Access support is not enabled in this build.
  • Secure Sockets are not working in this build. (3101130)
    Open and Save dialogs can hang in Windowless Mode (3096944)
  • Camera streams fail to play back when encoded with the H.264/AVC codecs (3096918)
  • On 64-bit Windows, Right-Clicking Flash Content cases Firefox to hang (3096953)
  • Custom context menus and clipboard copy does not work (3096977)
  • Local Security Dialogs are not displayed (3096714)
    When printing to “Microsoft XPS Document Writer”, the “Save File As” dialog is always minimized (3096958)
    Some Stage3D content may cause Adobe Flash Player to exit silently (#3049089)
  • Closing a SecureSocket connection may block Adobe Flash Player execution and result in timeout (#3045631)
  • Camera fails to play back when camera stream is being encoded with H264/AVC codec (#3049298)
  • IME may not be active in Windows Vista at times between browser sessions (#3055127)
  • In SandBox Stand-Alone Player, some menu items in the Microsoft IME language bar do not respond to mouse clicks (2947549)
  • Some Windows function keys such as F5 may prevent the Japanese IME candidate box to pop up (#3055096

Adventurous Firefox users find the Flash Player Incubator preview release over at Adobe Labs.

A final release version of the new Flash plugin version moves the Firefox browser security wise closer to Google Chrome.

Link to Original Content

Tags: , , , , ,

Comments are closed.