By default, Firefox opens content based on the 3 plugins but after a user must have clicked on an icon which clearly allows it. Firefox introduced this feature, called click to play, in 2012. Prior to now, the feature immobilized all outdated plugins in order to avert browser crashing and hack attacks. In the near future, it will start barring all plugins with the exception of the newest edition of Adobe flash.
In a blog publication announcing the change, Michael Coates, Mozilla’s security assurance director wrote, “Drive by manipulation of vulnerable plugins happens to be one of the commonest vectors against users.” He was talking about the site attacks which install malware clandestinely on end user computer systems by targeting security malwares within the browser components which process Flash and Java based content. He added, “Users in these circumstances are protected by the new click to play element.”
In the year 2012, plugins for Java software framework from Oracle have emerged as a main target for drive-by assaults. Flash player from Adobe is also a popular target. Even though click-to-play will not affect the newest version of Flash, previous versions will also be barred unless users clearly permit it.
Coates did not say when the change will be effected.