Flash Patch Hits Firefox 13

Monday, June 18, 2012 @ 03:06 PM gHale


The latest release of the Flash Player plugin, version 11.3, is causing frequent crashes in Firefox 13 on Windows.

The problem seems to relate to the new Protection Mode, which should make the plugin run in a sandbox to isolate it from the rest of the system. The number of users experiencing this problem is now so large Mozilla and Adobe are offering differing solutions for a fix.

RELATED STORIES
Adobe Patches Flash Bugs
After Patch, APT’s Still Hit
Adobe Mac Updates Silenced
Critical Flash Player Hole Closed

Many of the crashes appear to be the result of interactions between Flash Player and other plugins, particularly plugins which offer the ability to record Flash video streams. Mozilla specifically mentions a Firefox extension called RealPlayer Browser Record and recommends deactivating this plugin. The Firefox developers have also added this plugin to its blacklist which comprises add-ons known to be insecure or unstable. Firefox automatically disables extensions on this list, but allows users to reactivate them manually.

A further option for remedying the problem is to deactivate Protected Mode. Under Windows 7 or Vista, this requires the addition of the line ProtectedMode=0 to the configuration file mms.cfg. Since Protected Mode is not under Windows XP, this step is not necessary on that platform. In 64-bit editions of Windows 7 and Vista, mms.cfg is in <%windir%\syswow64\macromed\flash>; in 32-bit versions the file is in <%windir%\system32\macromed\flash>. Administrator privileges are in play if you want to modify these files. Detailed instructions are in Adobe’s Protected Mode FAQ.

Some users traced some of their crashes back to Firefox’s disabled out-of-process plugin protection. A support article on the Mozilla web site explains how to reverse this change.

Adobe has gone even further and released instructions for downgrading Flash Player to a previous version. Users should on no account downgrade to build 11.2, however, as it is known to contain critical security vulnerabilities currently being actively exploited. Instead, users should install Flash Player 10.3, in which the company fixed the vulnerabilities in a similar way to version 11.3 since Adobe is continuing to supply enterprise customers with security patches for Flash 10.

Meanwhile, Mozilla released Firefox 13.0.1 for all platforms, which according to the release notes, not only addresses the Flash issue but also fixes issues with Messenger and Hotmail, and the rendering of Hewbrew text. The update is available for all platforms and should automatically install. To force update installation select the “About Firefox” menu item; when the About dialog is displayed, it will check for updates and offer to install if one is available.



Leave a Reply

You must be logged in to post a comment.