Adobe, which has spent the last few years trying to dig out of a deep hole of vulnerabilities and buggy code, is making a major change to Flash, adding a sandbox to the version of the player that runs in Firefox. The sandbox is designed to prevent many common exploit techniques against Flash. The move by Adobe comes roughly a year after the company added a sandbox to Flash for Google Chrome. Flash, which is perhaps the most widely deployed piece of software on the Internet, has been a common attack vector for several years now, and the attacks in some cases have been used to get around exploit mitigations added by the browser vendors. The sandbox is designed to prevent many of these attacks by not allowing exploits against Flash to break out into the browser itself.
http://news.slashdot.org/story/12/02...ing-to-firefox