In association with heise online

15 June 2012, 18:30

Firefox 13 tripped up by Flash patch - Update

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Flash logo

The latest release of the Flash Player plugin, version 11.3, is causing frequent crashes in Firefox 13 on Windows. The problem seems to be related to the recently introduced Protection Mode, which is supposed to make the plugin run in a sandbox to isolate it from the rest of the system. The number of users experiencing this problem is now so large that Mozilla and Adobe are both offering differing solutions for a fix.

Many of the crashes appear to be the result of interactions between Flash Player and other plugins, particularly plugins which offer the ability to record Flash video streams. Mozilla specifically mentions a Firefox extension called RealPlayer Browser Record and recommends deactivating this plugin. The Firefox developers have also added this plugin to its blacklist which comprises add-ons known to be insecure or unstable. Firefox automatically disables extensions on this list, but allows users to reactivate them manually.

A further option for remedying the problem is to deactivate Protected Mode. Under Windows 7 or Vista, this requires the addition of the line ProtectedMode=0 to the configuration file mms.cfg. Since Protected Mode is not used under Windows XP, this step is not necessary on that platform. In 64-bit editions of Windows 7 and Vista, mms.cfg is located in <%windir%\syswow64\macromed\flash>; in 32-bit versions the file is located in <%windir%\system32\macromed\flash>. Administrator privileges are required to modify these files. Detailed instructions can be found in Adobe's Protected Mode FAQ.

Some users have traced some of their crashes back to the fact that Firefox's out-of-process plugin protection has been disabled. A support article on the Mozilla web site explains how to reverse this change.

Adobe has gone even further and released instructions for downgrading Flash Player to a previous version. Users should on no account downgrade to build 11.2, however, as it is known to contain critical security vulnerabilities which are currently being actively exploited. Instead, users should install Flash Player 10.3, in which the vulnerabilities in question have been fixed in a similar way to version 11.3 since Adobe is continuing to supply enterprise customers with security patches for Flash 10.

Update - Mozilla has now released Firefox 13.0.1 for all platforms, which according to the release notes, is designed to not only address the aforementioned Flash issue but also fixes issues with Messenger and Hotmail, and the rendering of Hewbrew text. The update is available for all platforms and should be automatically installed. To force update installation select the "About Firefox" menu item; when the About dialog is displayed, it will check for updates and offer to install if one is available.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit