Tuesday, February 7, 2012

Firefox to get sandboxed Flash soon


To avoid exploit techniques that make use of Flash's security vulnerabilities to gain access to browser, Adobe will be sandboxing Flash player (a.k.a protected mode, similar to how IE runs in Windows 7) that runs in Firefox. This is similar to Flash player that runs on Chrome (already sandboxed) and should make Firefox more secure.
"The design of this sandbox is similar to what Adobe delivered with Adobe Reader X Protected Mode and follows the same Practical Windows Sandboxing approach. Like the Adobe Reader X sandbox, Flash Player will establish a low integrity, highly restricted process that must communicate through a broker to limit its privileged activities. The sandboxed process is restricted with the same job limits and privilege restrictions as the Adobe Reader Protected Mode implementation. Adobe Flash Player Protected Mode for Firefox 4.0 or later will be supported on both Windows Vista and Windows 7," Adobe's Peleus Uhley said.
Currently in beta state (available only for developers), final version will be available for years in 2012.

Enhanced by Zemanta

No comments:

Post a Comment