Posts Tagged ‘Security’

Mozilla have released Firefox 3.6.11 fixing nine security issues, five of which are rated as critical. A further two are rated as high severity, with one moderate and one low. More details can be seen in the latest security advisories.

The release also includes a handful of bug fixes, increasing the browsers stability. A full list of changes can be read in the release notes.

Firefox 3.5.14 was also released fixing several of the same security flaws.

Current Firefox users will receive the update over the coming days, or alternatively can download the latest version of the browser from the Firefox website.

Tags: , , , , , , Categories: Firefox Comments Off on Firefox 3.6.11 released

Google have pushed Chrome 6.0.472.59 out to stable channel (and Beta) users for Windows, Mac and Linux.

The update fixes 9 security holes, one of which is rated as critical, with a further six rated as high, and two rated as a low threat.

Full details can be read on the Google Chrome Releases blog. Current Chrome users will receive the update automatically over the coming days.

New users can download and try Chrome from the Google Chrome website.

Google Chrome 5.0.375.126 has been pushed to the stable channel today, bringing with it only a single change.

The latest release contains an updated version of Adobe Flash, fixing several security vulnerabilities to the plugin.

Chrome users for all platforms will receive the update within the next few days, or alternatively the browser can be downloaded from the Google Chrome website.

Internet Explorer 8’s Smartscreen Filter has passed a new milestone, passing the one billionth stopped malware download.

“Socially engineering attacks like malware are a growing threat on the internet and are one of the most common risks to people’s safety online” wrote Microsoft’s James Pratt.

“We have got better and better at blocking malware through the SmartScreen Filter because we have continued to invest in our back end service since we released IE8 in March 2009” said Pratt.

In the last two months, more than 100 million malware attempts have been blocked by Internet Explorer 8, 5 times as many as the same time last year, with more than 1.7 times the users.

The continued investment and development of malware protection is great for consumers, and helps keep their home PC’s safe.

Malware, also known as phishing (pronounced fishing), protection can also be found in other popular browsers such as Firefox, Chrome, and Opera.

Tags: , , , , , , Categories: Internet Explorer Comments Off on IE8 malware protection works

A new security vulnerability has been found in Apple Safari’s Autofill feature, which can allow malicious websites to extract users personal information from their Address Book.

“All a malicious website would have to do to surreptitiously extract Address Book card data from Safari is dynamically create form text fields with the aforementioned names, probably invisibly, and then simulate A-Z keystroke events using JavaScript. When data is populated, that is AutoFill’ed, it can be accessed and sent to the attacker” wrote security researcher, Jeremiah Grossman.

Grossman submitted the vulnerability to Apple on 17th June, but Apple is yet to comment on the issue. Grossman has also released proof-of-concept code illustrating how the vulnerability works.

The vulnerability affects both Safari 4 and Safari 5 on Mac computers, with no patch in sight from Apple.

Today Microsoft have released the IE Cumulative Security Update for June 2010 which is now available via Windows Update.

Available for many versions of Windows, starting at Windows 2000, and covering all versions of Internet Explorer from IE5.01, the update is highly recommended for all Windows users.

The update fixes six security vulnerabilities, with the most serious allowing remote code execution if a user visits an infected website.

Windows users with Automatic Updates turned on will receive the update in the coming days.

Tags: , , , Categories: Internet Explorer Comments Off on Microsoft release IE June Security Update

Google Chrome has been updated to version 5.0.375.70 fixing 11 security issues.

Nine of these are rated as a high threat level, while the remaining two are only rated as medium. More details on these threats can be read in the Google Chrome Releases blog.

The update is available for all Windows, Mac, and Linux users, and it will be pushed out automatically to these users as usual. New users can download Chrome from the Google Chrome website.

Tags: , , , , , Categories: Chrome Comments Off on Google Chrome 5.0.375.70 released

Details have emerged of a new high risk vulnerability discovered in Apple’s Safari web browser.

The exploit could allow a malicious user to execute arbitrary code on a remote system and is rated highly critical by Secunia.

“The vulnerability is caused due to an error in the handling of parent windows and can result in a function call using an invalid pointer. This can be exploited to execute arbitrary code when a user e.g. visits a specially crafted web page and closes opened pop-up windows” says the Secunia security advisory.

The vulnerability affects both Mac OS X and Windows versions of the browser. Apple is yet to release an update to close the flaw.

Tags: , , , , , , Categories: Safari Comments Off on High risk Safari vulnerability published

Less than 3 days after the release of Opera 10.52 for Windows and Mac, Opera has released Opera 10.53.

The update addresses a security issue discovered in Windows versions.

“The vulnerability is caused due to an error when continuously modifying document content on a web page e.g. using document.write(). This may result in a function call using uninitialised memory when a user visits a specially crafted web page” detailed Secunia Advisory SA39590.

The update also fixes a potential freeze bug when using Google Maps for both Windows and Mac versions.

Opera 10.53 will be pushed out to Windows and Mac users over the next day, while new users can downloaded the browser from the Opera website.

Google Chrome 4.1.249.1064 has been released to the stable channel for Windows users.

The update includes two bug fixes, one of which solves a bug that causes slow JavaScript performance.

Three security holes have also been closed, all of which were rated as high.

A more detailed description of each of these issues can be found in the change log.

Windows users will automatically receive the update, while new users can download Chrome from the Google Chrome website.

Tags: , , , , , , Categories: Chrome Comments Off on Google Chrome 4.1.249.1064 released