• Home »
• Self-Help Resources »
• Plugins

Plugins: Legacy Browser Addons

Note: I no longer develop this page. It remains as a legacy resource.

PDF | Flash | Java | QuickTime | RealPlayer
Plugin Vulnerabilities

Plugins: Vulnerable Legacy Applications

Plugins are legacy applications that were once required for browsers to view and hear multimedia content on the Web.

“Helper” Applications

Unlike extensions, which are installed in your browser, plugins provided support and access to external "helper" applications installed on your computer.

Plugins provided animation via Flash or Shockwave and PDF support via Adobe Reader.

Too Many Vulnerabilities

Unfortunately, plugins have extensive vulnerabilities which can affect the computers where they are installed.

Mobile Devices Unsupported

Plugins are not supported on mobile devices.

As mobile devices became more popular and people began to use them for accessing the Internet, the fact that plugins were unsupported by browsers on mobile devices became a problem.

It turns out that people on mobile devices wanted the same multimedia experience that was available on computers.

Their Reign Has Ended

Between the problems with vulnerabilities and the emergence of mobile access to the Internet, the days of plugin dominance were numbered.

Work began to replace plugins and develop technologies that would work on both with mobile and regular computers. That technologies was released with HTML5 (the fifth version of the HTML standard).

Plugins have since either disappeared or are on life support. Their reign has ended.

Return to top

The Technology Has Changed

Modern browsers can natively display and play that content without plugins.

Plugins have been replaced with native web technologies included with HTML5 that can safely and natively provide the functions within modern browsers, including on mobile devices.

Uninstall Plugins

I recommend that you uninstall these vulnerable plugins:

• Adobe Reader.
• Flash.
• Shockwave Player.
• Java.
• QuickTime for Windows.
• RealPlayer.

HTML5 technologies are universally supported in modern browsers.

Open Standards Safer and Accessible

Open standards are faster and safer than proprietary plugin technologies.

[A]s open standards like HTML5, WebGL and WebAssembly have matured over the past several years, most now provide many of the capabilities and functionalities that plugins pioneered and have become a viable alternative for content on the web.
— Adobe

Online Gaming Sites

Online gaming sites have moved to HTML5 and now support mobile devices:

Java and Flash are two technologies that have powered Pogo games for many years, but they're no longer supported by most web browsers. Because of this, we're retiring Flash-based games from Pogo.

 

We're continuing to update our most popular games to HTML5. We've improved graphics, performance, and accessibility whether you're using your computer, tablet, or smartphone.
— Pogo.com

Return to top

PDF Readers

PDF is a format invented by Adobe that allows files to be viewed anywhere with the proper fonts regardless of the software it was created with.

Traditionally, Adobe Reader provided access to online PDFs using a plugin.

Browsers Natively Display PDF Documents

Most modern browsers can now display PDF documents natively without plugins.

Microsoft Edge is set as the default Windows 10 viewer for PDFs, but you can change that:

1. Click on Start ⇒ Settings ⇒ Apps ⇒ Default apps
2. Scroll down and click on choose default applications by file type.
3. Wait for the options to load, then scroll down to .PDF and change the default option there.

Interactive Features

Current versions of Firefox, Microsoft Edge and Google Chrome also allow you to fill in interactive PDF forms before you save or print them.

If your browser doesn't natively support the features you need, open the document in an external PDF viewer.

Dedicated PDF Readers

Even though browsers have built-in capabilities, dedicated PDF readers like Adobe Reader or other PDF readers usually have more features than your browser can provide.

Professional Software

Professional PDF software like Adobe Acrobat, Able2Extract Pro or Nitro Pro add comprehensive editing capabilities.

Adobe Reader

Adobe Reader has been flagged as a security vulnerability.

• Many computers have obsolete (unsafe) versions installed.
• Any version of Adobe Reader, Adobe Acrobat or any PDF software prior to the most recent version should be updated or uninstalled.

 

Return to top

Adobe Flash Player

Adobe Flash Player reached its end-of-life on December 31, 2020 and is no longer supported. You should uninstall Flash Player.

Flash content has been replaced with native HTML5 technology.

Uninstalling Flash

Flash Player may remain on your system unless you uninstall it. Uninstalling Flash Player will help secure your system since Adobe will not issue Flash Player updates or security patches after the EOL Date.
— Adobe

• KB4577586 uninstalls Flash Player for Windows 10.
• Uninstall Flash Player for Windows.
• Uninstall Flash Player for Mac OS.

 

Return to top

Shockwave Player

Shockwave Player reached its end-of-life on April 9, 2019 and is no longer supported. You should uninstall Shockwave Player.

 

Return to top

Java

Java plugins are now either unsupported or blocked by most browsers. You should uninstall Java.

License Changed

Java is free for personal use but most browsers ended support with Java SE 8.

Java Vulnerable

It has been known for some time that Java makes your computer vulnerable.

• Most sites and applications have moved to native HTML5 technology.
• Using legacy browsers in order to enable Java puts your computer at risk.

Java Usually Unnecessary

Java no longer runs in modern browsers and is no longer necessary for most people. Remove Java if you don't need it (most people don't).

By uninstalling Java you can determine if you need it. If you find you require Java, it can be quickly reinstalled.

• How to uninstall Java

Update Regularly

If installed, be sure to frequently update Java.

Out-of-date versions of Java on your computer may present a serious security risk.
— Java.com

Ensure you remove older versions (you may need to manually remove these).

Learn more about Java.

Download/Test Your Installation

Download Java | What is Java? | Troubleshooting Tips

 

Return to top

QuickTime

Uninstall QuickTime for Windows

QuickTime 7 for Windows is no longer supported by Apple and contains dangerous vulnerabilities. It should be uninstalled.

New versions of Windows since 2009 have included support for the key media formats, such as H.264 and AAC, that QuickTime 7 enabled. All current Windows web browsers support video without the need for browser plug-ins.
— Apple Support

QuickTime for Mac

QuickTime is supported for macOS and iOS. Update to the latest version or uninstall it (saving your QuickTime Pro registration key before uninstalling).

VLC for Offline Multimedia

VLC Player is strongly recommended for playing offline multimedia content.

Return to top

RealPlayer

Uninstall RealPlayer

You should uninstall RealPlayer.

• RealPlayer plugin has been flagged as unsafe by Firefox and Chrome.
• RealPlayer has a shady history of spyware and nag screens.

In the 1990s, RealPlayer was a fundamentally ambitious piece of software. It set the groundwork for how we would come to consume media, and in many respects, we owe it a massive debt of gratitude. But it was also a fundamentally flawed piece of software, whose execution didn't quite do its lofty goals justice.

 

20 years later, little has changed. The ambition behind RealPlayer is still there, but this time round, it feels much less focused. Rather than do one thing badly, RealPlayer does many things badly.— Make Use Of

VLC for Offline Multimedia

VLC Player is strongly recommended for playing offline multimedia content.