There are many (millions?) users that open their browsers every day and browse sites using outdated versions of Adobe Flash. I suspect that most of those users don’t have a clue that they are using vulnerable software.
Mozilla is about to change that for Firefox users. In the next round of updates due out this month, Firefox will check the Flash version number and advise users to update if they’ve got an out-of-date version.
It’s about time.
I wrote a story in August about one security vendor’s claims that 80 percent of Adobe Flash users were running old versions. Adobe responded that they were being responsible and alerting users via a number of different approaches.
Having the browser, the place where most users interact with Flash, as the place where an update notification is made is just such an obvious (and great) idea.
Sure, there will be users that will just click through the warning, just like there are countless numbers of users that click through SSL certificate warnings today. But there will be many users that will notice, and who will update their versions of Flash, making the web a safer place.