Story image

Bye bye, NPAPI: Mozilla issues critical update to Firefox, disables plugins

10 Mar 17

Mozilla has issued a string of patches for its Firefox browser, plugging vulnerabilities for everything from memory corruption, potentially exploitable crashes, iframe exploits, URL spoofing, malware, file deletion and DoS exploits.

The new 52.0 release caught the headlines this week is the fact that Firefox has disabled all NPAPI plugin capability except Flash, meaning common plugins such as Adobe Acrobat, Java and Microsoft Silverlight no longer load.

Mozilla says that it has been supporting various other web APIs that work without the need for plugins, and that users will probably not even notice a difference to their web browsing experience.

Mozilla believes that Flash and NPAPI plugins have helped websites that include video, sound and games, but they also slow down the browser, make it more vulnerable to security risk and make it more likely to crash.

Mozilla’s new Web APIs will function as replacements, but with better security, stability and performance.

The new 52.0 update enables those plugins, Mozilla says.

“Today, they’re ready. Many sites have adopted them, and almost all your favourite pages can be enjoyed without using old and insecure plugins. Firefox joins other modern browsers like Google Chrome and Microsoft Edge to remove support for these NPAPI plugins,” a statement on Mozilla’s help page says.

But for those now wanting to lose their old plugins, Mozilla says the separate Extended Support Release of Firefox will support those plugins until early 2018, which can be downloaded from Mozilla’s website.

Mozilla says that those wanting support for Java or other plugins must download the Windows (32-bit) download.

Chch crypto-exchange Cryptopia suffers breach
Cryptopia has reportedly experienced a security breach that has taken the entire platform offline – and resulted in ‘significant losses’.
Audioengine’s Wireless A5+ are just bloody good speakers
I judge these speakers on the aspects that Audioengine boasts about - quality, streaming, simplicity and versatility
Hands-on review: The Ekster Wallet protects your cards against RFID attacks
For some time now, I’ve been protecting my credit cards with tinfoil. The tinfoil hat does attract a lot of comments, but thanks to Ekster, those days are now happily behind me.
OPPO aims to have 5G device launched by end of year
The Chinese smartphone manufacturer is working with Keysight Technologies to accelerate the development of their 5G smartphone.
LG makes TVs smarter with new AI processors
Latest TVs from LG use deep learning to enhance the video and audio output and introduces integration with Alexa.
Tesla wants people to hack its Model 3
Tesla is offering white hat hackers what could be the chance of a lifetime – the opportunity to hack one of its Model 3 vehicles.
Over 100 million smart home devices shipped in 2018
The smart home market is booming as consumers are looking for more ways to interact with their surroundings.
How to tackle cyber threats in your home
How should you start securing your devices? The company has provided tips for actions you can take across social media, home routers, TVs, and many more.