December 30, 2009 by admin
Keeping your system secure is a never ending battle. The evil-doers on the net are getting ever more sophisticated, and coming up with new ways to fool, cajole, trick or force you into downloading, running or loading software on your system that will compromise your system – at best, rendering it unusable, or at worst, invading your privacy, or even draining your bank account. It’s a Wild West frontier out there in the interwebs!
With that, let’s take a look at some of the recent updates and developments ion security news:
(more…)
December 9, 2009 by admin
Yesterday was the second Tuesday of the month, and by now you should know just what that means… another set of security updates for Microsoft products. This week also sees us with some other notable updates to some Adobe products, and you’ll want to take note of these as well.
Remember that security updates are a fact of life these days. It isn’t an indication that the software manufacturers are creating shoddy product; rather, it is a sign that they are discovering flaws and repairing them in an effort to stay ahead of the malicious communities out there in the wild and untamed internet world. Security is an ongoing process these days.
We’ll start with Adobe this time.
(more…)
November 18, 2009 by admin
This week, as I’ve compiled my list of updates to popular software packages – in the interest of keeping everyone informed and current to prevent security problems – we have quite a list of changes. Microsoft released their monthly “patch Tuesday” fixes last week, and on top of that we’ve seen browser security patches in Safari and Google Chrome; and we’ve seen WordPress get another security patch as well.
The moral of the story here is that you just can’t rest – as a computer owner with connections to the internet, you must keep active with your software updates – there are a seemingly endless stream of exploits being developed, and they almost always go after users with down-revision software. So, let’s see what’s been updated in the past week or so, and please do take a few minutes to check and ensure you are current with the latest versions.
(more…)
November 12, 2009 by admin
Once a week or so, depending on my schedule and the state of current events, I try to summarize the ongoing state of software updates, focusing primarily on OS, Browsers, and Adobe-related software. I missed last week, and a lot of things have piled up since the last update!
Keeping your software up to date is really important these days. There is big money in organized crime, seeking to compromise computers and gain access to your personal information – especially banking information. These malicious entities seek to gain a foothold in your computer by exploiting known vulnerabilities in popular software. As a result, something as benign as visiting a web site, opening an image, or playing a music file can lead to a compromised system, if your software has un-patched vulnerabilities.
So, keep that software up to date!
We’ll start this week with a bit of good news on the OS front, for those Apple customers who have migrated to the latest version of their OS.
(more…)
October 30, 2009 by admin
Firefox has just released an update to version 3.5.4, correcting quite a few security flaws and correcting a number of stability issues.
This update is recommended for all Firefox users of the 3.5.x family of browsers.
From www.mozilla.com, the list of fixes includes the following:
(more…)
October 28, 2009 by admin
The WordPress development team has released an interim update to version 2.8.5.
Classified as a “hardening release,” this series of updates is focused on improving several areas of security concern, and is therefore recommended for anyone running WordPress on their site.
According to the WordPress Blog, the biggest changes in this release are:
- A fix for the Trackback Denial-of-Service attack that is currently being seen.
- Removal of areas within the code where php code in variables was evaluated.
- Switched the file upload functionality to be whitelisted for all users including Admins.
- Retiring of the two importers of Tag data from old plugins.
If you are running WordPress and haven’t upgraded, please take the time and do so as soon as you can!
WordPress 2.9 is just around the corner, and beta testing is due to begin almost any day now. The final release of 2.9 is due out later this year, so keep an eye out here for news and availability.
October 21, 2009 by admin
I’ve missed a few weeks with my recent travel, and boy do we have a lot to talk about with security updates this week! In fact, there is so much, I’m going to have to give it to you in condensed form, and provide the links for further reading if you’re interested. We’ve had a big Windows patch Tuesday for October (the biggest ever!), some Apple updates and some Adobe updates. Remember, keeping up to date, currently patched software is a major step in keeping your system secure and protected against malware and worse.
Let’s start with the Microsoft Windows updates.
(more…)
September 23, 2009 by admin
Safe Browsing – Tip of the Week
This week’s tip comes courtesy of the Security Now! podcast, a great weekly treatise on all things secure. This is a really cool tip, thanks to Steve Gibson for producing a very informative podcast!
There is a “diagnostic page” on Google, that consolidates malware reporting of a given domain or site based on Google’s crawling of the website. It will give a report on the website, indicating whether Google’s web crawling bots have detected malware in the site or any of its links. The diagnostic page is accessible using the following URL text:
(more…)
September 16, 2009 by admin
Snow Leopard, we hardly knew ye 
It seems Apple moved quickly to release an update to Mac OS X 10.6.1 – primarily, it would seem, to upgrade the Flash Player plug-in to the current 10.0.32.18. You may recall from last week’s security topic, that Apple’s initial release of Snow Leopard included an older version of Flash Player that was vulnerable to malicious attacks. Apple moved quickly to fix this, but with that response time, you have to wonder if this wasn’t an oversight as they were rushing to get Snow Leopard shipped. If you’ve made the move to Snow Leopard, make sure you get the update!
Apple had a busy week last week, however; with a flurry of releases.
(more…)
September 9, 2009 by admin
Earlier today we discussed software updates, and I inadvertently omitted a big one – Apple last week released a major update to its Java package for OS X 10.5 Leopard. The update, described here and available for download, addresses a rather large number of Java vulnerabilities, some of which potentially allowed unauthorized privilege elevation by executing code from a malicious website.
Note that this update does NOT apply to Snow Leopard, OS X 10.5.6.
This release updates Java SE 6 to version 1.6.0_15 (for 64-bit Intel Macs only), J2SE 5.0 to version 1.5.0_20 (all Intel and PPC Macs), and J2SE 1.4.2 to 1.4.2_22 (all Intel and PPC Macs). The updates catch up with Java fixes released by Sun in August, but apparently there are still a few pending vulnerabilities that have yet to be incorporated into the Leopard packages.
Make sure you update as soon as possible, as there are active exploits in the wild for some of these flaws!
