Forgot your password?
typodupeerror
Firefox Microsoft Mozilla Software Upgrades News

Mozilla To Bug Firefox Users With Old Adobe Reader, Flash, Silverlight 247

Posted by timothy
from the they-should-hire-an-annoying-mascot dept.
An anonymous reader writes "Mozilla today announced it will soon start prompting Firefox users to upgrade select old plugins. This will only affect Windows users, and three plugins: Adobe Reader, Adobe Flash, and Microsoft Silverlight. Mozilla says Firefox users will 'soon see a notification urging them to update' when they visit a web page that uses the plugins."
This discussion has been archived. No new comments can be posted.

Mozilla To Bug Firefox Users With Old Adobe Reader, Flash, Silverlight

Comments Filter:
  • update (Score:5, Funny)

    by ryzvonusef (1151717) on Sunday October 07, 2012 @05:21AM (#41575467) Journal

    Update at 5:10PM EST: No dice. “At this time, Mozilla does not have additional information to share beyond the blog post content,” a Mozilla spokesperson told The Next Web in a statement. “We’ll be sure to update you once we have additional details to share regarding the timing, version(s) impacted and visual look of the message.”

    • by mrmeval (662166)

      Suggestion:

      gxmessage -noescape -borderless -title WARNING! -buttons UPGRADE:44,ALLOWBANKINGDATA:666,PORNSPAM:333 -center "This is warning you that you have a defective OLD plugin. Press a button, any button but we suggest the UPGRADE button. Otherwise press the ALLOWBANKINGDATA button to send your banking data to a criminal, press the PORNSPAM button to have your PC hijacked and receive porn that will shatter your fragile little mind."

  • turn it off? (Score:5, Interesting)

    by sumdumass (711423) on Sunday October 07, 2012 @05:26AM (#41575491) Journal

    anyone know if it can be turned off? I got some crap that gets broken with new versions of reader.

    Maybe i'll just have to switch browsers.

    • by deniable (76198)
      We're running 10 at work, so this shouldn't bug us for a while.
    • Re:turn it off? (Score:4, Interesting)

      by 1u3hr (530656) on Sunday October 07, 2012 @05:58AM (#41575617)
      I run Win2k and Flash can't be upgraded any more anyway. And I use Acrobat 4. I don't want any later version. I don't want to be nagged to upgrade things. I know what I have and I know what I need.
      • Re:turn it off? (Score:5, Insightful)

        by SpaceCracker (939922) on Sunday October 07, 2012 @06:11AM (#41575653)

        I run Win2k ...

        Firefox has detected an old version of Windows. It is strongly recommended that you upgrade Windows to the latest version.

      • Re:turn it off? (Score:5, Informative)

        by jones_supa (887896) on Sunday October 07, 2012 @06:38AM (#41575731)

        I run Win2k and Flash can't be upgraded any more anyway. And I use Acrobat 4. I don't want any later version. I don't want to be nagged to upgrade things. I know what I have and I know what I need.

        Actually, when you look at the Archived Flash Player versions [adobe.com], it seems that the 10.x line (the last one compatible with Windows 2000) still gets some kind of minor updates.

      • Re:turn it off? (Score:5, Insightful)

        by mister_playboy (1474163) on Sunday October 07, 2012 @07:04AM (#41575789)

        Opera is probably the wisest browser choice for Win2K.

        Then again, using an OS that stopped getting security updates more than 2 years ago on an Internet-connected computer implies you don't care much about making wise choices.

        • Re: (Score:2, Interesting)

          by 1u3hr (530656)

          Opera is probably the wisest browser choice for Win2K.

          Which is my default browser. . But some sites just don't work and the I resort to Firefox.

          Then again, using an OS that stopped getting security updates more than 2 years ago on an Internet-connected computer implies you don't care much about making wise choices.

          Or it shows that I don't trust the OS whether updated or not and have a hardware firewall and third party security software. And use a version of Windows that doesn't try to call home or have IE embedded so deeply in it.

          Maybe having been online for over 20 years and never having a malware infection implies I actually have a clue. (Or maybe I'm just too dumb to realise how much malware is on my PC, feel free to believ

          • You don't have to use IE on the Internet, so it shouldn't matter whether IE is on your computer.

            I gave up on Windows 2000 two or three years ago when most developers stopped supporting it and compatibility quality gradually degraded as a result.

            Good user habits are important, but it's not a comprehensive solution. For one, even reputable sites get hacked.

            • Re:turn it off? (Score:4, Insightful)

              by 1u3hr (530656) on Sunday October 07, 2012 @10:48AM (#41576561)

              You don't have to use IE on the Internet, so it shouldn't matter whether IE is on your computer.

              Its very hard to stop Windows form using IE in one way or another. Every now and then it pops up when hardcoded in some applications. But I've blocked it at the firewall so it's effectively neutered (I hope).

              I gave up on Windows 2000 two or three years ago when most developers stopped supporting it

              It's only this year the apps I need to use have started to become incompatible. MS made changes to their compilers last year I think and basically forced the issue. While modders are fighting a rearguard action to patch Win2k, I'll probably move to XP next year. I regularly use a lot of quite old software so am dragging my feet. I could do it all in emulation on a newish PC, and may end up doing that a few more years later. Maybe hosted on Linux. Unix was my first OS, so I'd be happy if I could get back to that and still use my DOS and Windows apps.

              • by bobbutts (927504)
                Try XFCE if you haven't yet, it's got that minimal efficient desktop feel like XP and 2K.
              • Its very hard to stop Windows form using IE in one way or another. Every now and then it pops up when hardcoded in some applications. But I've blocked it at the firewall so it's effectively neutered (I hope).

                No, its not. Office and help files both use IE in varying capacities. But regardless, it would help if you were actually running a version of IE that wasnt horribly broken, slow, and vulnerable to viruses.

                You think youre being clever and that somehow newer versions of windows are better, but as an IT consultant who deals with all too many virus issues, please just accept that out of date software is a really bad idea for anyone browsing the web. More than anything you might be protected by the fact that

                • by hairyfeet (841228)
                  I'd just add his hardware firewall may not help him, i recently had a customer that had a hacker take over the whole system and it turned out he had flashed the firewall after he gained control, so even a full wipe and reinstall did nothing because he could just control the firewall and redirect the system to pages where he had loaded a ton of malware and just slam the system until he found a way into the system again, REALLY nasty.
                • by 1u3hr (530656)

                  You think youre being clever and that somehow newer versions of windows are better, but as an IT consultant who deals with all too many virus issues, please just accept that out of date software is a really bad idea for anyone browsing the web

                  No, I think I'm broke and can't afford to buy a new PC and OS and Adobe Creative Suite 6. So I make what I have work. Rather than spend a lot of time and money on the shiny and at the end of the day not actually be more productive, since 50% of the computer is devoted to security software and second guessing everything I want to do..

                  More than anything you might be protected by the fact that viruses are broken on Win2k.

                  Exactly.

                  We're talking about Microsoft updates. They're never "up to date". I've got a friend with Win 7 laptop, it's always got 100s of MB of Windows updates pending. I inst

              • by hairyfeet (841228)

                Well you didn't hear it from me, wink wink nudge nudge, but it sounds like what you want is "Windows 7 Tiny" which I'm sure you can find a copy on the net easy enough. it was originally designed for gamers by gamers that want the updated DirectX without anything else so its stripped to the bone, no IE, no phone home anything, hell it doesn't even come with Media Center or WMP, just the OS stripped down so far it'll fit on a single CD.

                I've played with it on systems as weak as a 1Ghz Celeron and I have to say

          • Maybe having been online for over 20 years and never having a malware infection implies I actually have a clue

            The fact that you think being "savvy" has anything to do with getting a virus-- as opposed to running woefully out of date, known vulnerable software-- shows that you do not.

            Protip: 90% of virus attacks require no user interaction-- just out of date software.

        • That's bull. Why should anybody have to spend hundreds of dollars to replace a perfectly functional system?

          • ...And this is why we have a botnet problem.

            Seriously, his system is 13 years old. Either A) decide you can live with wine and get on a linux distro that still gets updates, or B) decide you really do need Windows and pony up the $100 so that we dont have to deal with your spambot infested box.

          • by SeaFox (739806)

            They don't have to buy a new machine. They could also change to a Linux distribution that is suited to their hardware performance-wise and still runs current versions of those plugins (not that I think anyone really needs Silverlight).

          • by hairyfeet (841228)

            Uhhh...because not only is what he is running a nightmare from a security standpoint but I bet it blows through power like Charlie Sheen blows through coke?

            Most of the Win2K machines I've seen that are still usable on the net are Pentium 4s and lets face facts, the P4 was a giant SUV of a power hog. If he can actually slap in a hard drive and RAM sticks (which this is /. so surely if he knows about hardware firewalls he can do a drive install) he can pick up an E350 kit for $130 [amazon.com] which will give him a dual

        • The drawback of using an OS that stopped getting security updates more than two years ago is that any new exploits are unlikely to be fixed.

          The benefit of using an OS that stopped getting security updates more than two years ago is that because of its low marketshare it's much less likely to be targeted.

        • by Toonol (1057698)
          How are the developer tools for Opera? If they're close to firebug-level, I'll switch today. If I wasn't developing, I'd have switched yesterday.
        • by hairyfeet (841228)

          Oh its MUCH worse than that, because unlike Win9X with Win2K you have an OS with enough guts similar to the next version, which XP is still one of the largest targets for malware there is thanks to its brain dead "hey let's all run as admin!" design that the guy might as well paint a bullseye on the side of the box. Not to mention he has outdated Flash, Reader, and most AV products don't support Win2K anymore?

          What you have is a box that will end up with more bugs than a Bangkok whore on coupon day, NOT pr

          • XP is still one of the largest targets for malware there is thanks to its brain dead "hey let's all run as admin!" design

            Malware can do plenty of damage without administrative privileges. It can infect all executables that are installed in your user account in "Install just for me" mode. It can destroy or disclose the documents in your user account. It can use your computer's network connection to serve spam or child pornography.

      • I remember when JS was introduced to Acrobat in version 4 - it was surprisingly permissive allowing systems calls for instance. I think they (Adobe) has certainly learned a lot about the wonderful world of security in the 6 major versions since then.

    • 1) Why are you using the Adobe Reader web browser plug-in? Downloading and opening PDFs is much safer.

      2) Why are you using a version of Adobe Reader that has known security vulnerabilities? If Reader doesn't do what you want, there are alternatives.

      Keeping software up to date is important for staying safe. But perhaps this is not a concern for you.

      • Instead of a lecture, do you have an answer to the question that was originally posted? All we are getting is BS and no solution as to how to disable the damn thing.

        • The way I see it there are 3 possible scenerios here, none of which warrant an answer to that question.

          1) OP is to lazy to update his software, so we told him to update his software. (most likely).
          2) OP uses an Intranet system that requires old versions, in which case he should let IT deal with it and stop fucking up corporate computers.
          3) OP is the IT from scenerio 2 and should be fired for not knowing how to do his job/her.
    • Enjoy your viruses.

      As others have suggested, its probably a really really good idea for you to remove that plugin and just download the pdfs manually. The internet would collectively appreciate it if you didnt join the botnet.

    • by hairyfeet (841228)

      Well if you want to keep the Gecko engine there is Pale moon, IceDragon, and Waterfox. If you want to switch to something else there is Dragon (what I use, nice and with some extra security features), Chrome/Chromium, Safari, Opera,QTWeb if you need cross platform, that's the nice thing about what we have now, no more "This site only works in IE" crap and plenty of choices.

      I give my customers a choice of Dragon [comodo.com] or IceDragon [comodo.com] because i give them Comodo AV and have had good luck with their free stuff, but an

  • by Anonymous Coward

    If you know what the right thing to do is, just do it. If you don't know, don't bug the user about it. I get the calls when you show the unwashed masses around me yet another incomprehensible prompt about some thingamabob inside their computers that they didn't know was there in the first place. Make it work or shut up.

  • Before (Score:4, Insightful)

    by Culture20 (968837) on Sunday October 07, 2012 @06:07AM (#41575639)
    It should prompt to update every day, regardless of whether they visit a site with flash/PDF/etc. That way the update gets applied before they "want to view content NOW". Otherwise they'll click cancel.
    • Re:Before (Score:4, Interesting)

      by pla (258480) on Sunday October 07, 2012 @10:20AM (#41576437) Journal
      It should prompt to update every day, regardless of whether they visit a site with flash/PDF/etc. That way the update gets applied before they "want to view content NOW". Otherwise they'll click cancel.

      You realize, of course, that not all of us need or want to stay at the bleeding edge of every product we use?

      Most people just want the same thing they used yesterday to work today. Most people get really, really annoyed when what worked yesterday starts nagging them to upgrade today (or worse, "Adobe Flash (malware) has been blocked for your protection" - Fuck you, Moz!).

      Keep it up, guys... Google can't thank you enough for pushing us to use Chrome. And yes, I know that Chrome updates itself, but it doesn't change (aka "break") anything each time.
      • by Culture20 (968837)
        Then you won't be using The latest Firefox either so what's your beef? Also, why the heck would you want to use browser plugins that have targeted vulns?
    • by Idbar (1034346)
      Bonus points if they get it to show right on top of the annoying adobe update pop ups.
  • by 200_success (623160) on Sunday October 07, 2012 @07:07AM (#41575795)
    To bypass this nagging, just continue to use an old release of Firefox.
    • by pongo000 (97357)

      To bypass this nagging, just continue to use an old release of Firefox.

      I use 3.5.7 (for various reasons, including better support for some protocols), and trust me, the nag dialog is there too. Got one yesterday before I read the /. article, was like "wtf?"...

  • by Wowsers (1151731) on Sunday October 07, 2012 @07:24AM (#41575835) Journal

    As a Linux user, Mozilla should be targetting Adobe not me. For example, Adobe released a not working version of their flash player, it changes the colours of video on places like Youtube if you have hardware acelleration enabled. To get proper colours you have to disable hardware accelleration, which has a massive impact on system performance, even on a dual core machine.

    To add to the problem, Adobe said they will no longer be working on Flash for Linux (at least the 64 bit version). So they released a known buggy version, and refuse to revert to previous version that worked.

    Me updating is not the problem, it's companies like Adobe that need to be targetted.

  • I'll just disable it again.

  • Pissing me off after forcing an update onto me that WILL NOT install but which retries that install EVERY FUCKING TIME I start each and every Mozilla program; an "update" which can't be removed without a full uninstall and which requires a confirmation in the focus-stealing pop-up after each time it fails.

    Then there's Chrome constantly bugging me to log in and give other details so I can be tracked as if I was the star of The Running Man.

    Why hello, Opera. How've you been?

    • by game kid (805301)

      While I sympathize with anyone who's trying not to get tracked in an internet that's become saturated with ways to be tracked, this May story seems relevant [slashdot.org]. I have a feeling that any such deal fell through after so much time, but you might want to remain vigilant, report misplaced baggage, buy American, et cetera.

      (I had to undo 2 up mods to reply here; my apologies to those who lost the points.)

  • Disable (Score:5, Insightful)

    by markdavis (642305) on Sunday October 07, 2012 @09:11AM (#41576167)

    I have no problem with Mozilla doing this as long as the user (or admin) can disable it through about:config.

  • Pale Moon? (Score:5, Interesting)

    by C0L0PH0N (613595) on Sunday October 07, 2012 @09:37AM (#41576265)
    Pale Moon ( http://www.palemoon.org/ [palemoon.org] ) is a long-standing fork of Firefox produced by Moonchild Productions, which is distinguished by being optimized for efficiency and speed in 64 bit Vista and Windows 7. There are 32 bit versions as well. Firefox does not provide a 64 bit version at this time. If you've never heard of Pale Moon, check it out. It is now my main browser of choice. Here is a review: http://www.softwarecrew.com/2012/08/pale-moon-15-building-a-better-browser/ [softwarecrew.com].

    Perhaps this browser will give you your "Firefox" experience without the upgrade "bugging" that Mozilla is introducing.
    • by Waccoon (1186667)

      I tried PaleMoon, and alas is has all of the pausing and memory consumption problems of Firefox. With those issues still intact, 64-bit optimizations and other performance tweaks are meaningless.

      Please, Mozilla, stop yelling at the plug-ins and fix the damn browser core, already!

  • by Cyko_01 (1092499) on Sunday October 07, 2012 @10:58AM (#41576617) Homepage
    They are trying get everyone to upgrade because the number 1 issue they have had on the tracker for months is related to people using old versions of flash and it reflects negatively on peoples view of the browser
  • by Dwedit (232252) on Sunday October 07, 2012 @12:04PM (#41576939) Homepage

    Flash Player's own updater never seems to appear until I reboot the computer, which is quite a rare event for me (sleep mode works fine, no need for shutting down). This is a bad design.
    It took me a while to figure out what triggers the Flash Player updater to appear: It's in the Scheduled Tasks area. It runs daily at about 12:30PM, and It's set to stop trying to update 72 hours after it starts. So if you rarely reboot your computer, you don't get Flash Player updates.

  • by Zaphod-AVA (471116) on Sunday October 07, 2012 @12:31PM (#41577077)

    None of this should be needed.

    Microsoft should just allow third party critical updates through Windows Update. Flash, Reader, and Java flaws account for most of the malware installs, and most users are bad at keeping these things up to date. Running a stack of update utilities is irritating to advanced users and confusing to novice users. All this does is make the malware industry happy.

"Just the facts, Ma'am" -- Joe Friday

Working...