Yesterday, Facebook's new Chief Security Officer (CSO), Alex Stamos, called on Adobe to kill Flash once and for all, to end the stream of critical vulnerabilities that have plagued the software over its entire lifetime. The message came after a couple of more zero-day vulnerabilities were found in the Hacking Team data leak (opens in new tab).
Recognizing how serious these vulnerabilities are, Mozilla's Head of Firefox Support, Mark Schmidt, announced that "all versions of Flash are blocked by default in Firefox as of now."
He also made it clear that the block is only temporarily until Adobe patches the vulnerabilities over the next few days. The change shouldn't give most users problems, as many video sites on the Web right now are powered by HTML5 technology. This includes major ones such as YouTube and Facebook.
There are a few places, such as restaurant websites for example, where Flash might still be used, so the content there won't load. If you need to visit such sites you can still enable Flash manually in Firefox with a single click on the "Activate Adobe Flash" message, which will appear on the blocked content. Therefore, the inconvenience caused to users should be minimal, while the company is also ensuring the maximum security for its users over the next few days until Adobe pushes out the appropriate updates.
Although the block is temporary, we may finally see browser vendors begin a more aggressive campaign for killing Flash sooner rather than later. Google recently announced that the next version of Chrome will block auto-playing Flash ads by default, and that was before the latest Flash zero-days were found in the Hacking Team data leak.
After Steve Jobs' permanent ban of Flash on the iOS platform, and then Adobe's surrender in making Flash work well on the Android platform, everyone knew that Flash is going to eventually die. It was always just a matter of how quickly that will happen.
Many would have expected Flash to be gone from the Web by now, but it managed to survive longer because HTML5 couldn't fully replace it for many years. Now, HTML5 is much more mature, and the days of Windows XP and obsolete Internet Explorer versions are over, which makes it much easier for developers to begin completely replacing Flash with HTML5 as their web development tool of choice.
Update, 7/15/15, 2:30pm PT: Mozilla posted an update on Twitter lifting the ban on Flash, re-enabling it by default, noting that Flash has been updated and the current security risks abated.
Follow us @tomshardware, on Facebook and on Google+.