Adobe’s Flash software is now blocked by default on all versions of the Firefox web browser.
Mozilla, which develops Firefox, imposed the block because recently unearthed bugs in Flash were being actively used by cyber-thieves.
The bugs were detailed in a cache of documents stolen from security firm Hacking Team that was hit by attackers last week.
Adobe said it took Flash’s security “seriously” and was planning bug fixes.
Flash is widely used on many websites for both multimedia and interactive elements.
On its support pages, Mozilla said the block would remain until “Adobe releases an updated version to address known critical security issues”.
Attackers were known to use vulnerabilities in Flash to install malicious software on computers and steal data, it added.
The vulnerabilities in the documents stolen from Hacking Team have been quickly added to so-called exploit kits which are used by many thieves when they craft campaigns that seek to take over victims’ computers.