Wednesday, June 18, 2008

Firefox 3 has been released




The latest incarnation of the open source browser Firefox has been released by the Mozilla Foundation. Firefox 3 is packed with new features and is highly recommended - I've been using it for several months, and it is stable and fast! The software is available for Windows, Mac OS X and Linux. If you're wondering why Firefox matters, Forbes Magazine answers that question.

Technorati Tags: , ,


posted Wednesday, June 18, 2008 at 08:30 AM Pacific Time


Thursday, April 03, 2008

QuickTime 7.5.4 released, plugs security holes






A major security update for QuickTime was delivered yesterday, patching nearly a dozen vulnerabilities in the media software, some rated as highly critical by security organizations. QuickTime 7.4.5 is available for Mac OS X 10.3.9, 10.4.9 (or later), 10.5 (or later), as well as Windows XP and Vista and is recommended for all users of QuickTime.

Technorati Tags: , , , , ,


posted Thursday, April 03, 2008 at 10:19 AM Pacific Time


Wednesday, July 18, 2007

Firefox 2.0.0.5 released; fixes vulnerabilities




The Mozilla Foundation has released Firefox 2.0.0.5, addressing five highly critical vulnerabilities in the popular open source, cross-platform browser. The update, released July 17th for Mac OS X, Windows and Linux, is available from Mozilla, or can be downloaded automatically, using Firefox's built-in 'Automated Update' feature.

Technorati Tags: , , , , , ,


posted Wednesday, July 18, 2007 at 10:16 AM Pacific Time


Wednesday, July 11, 2007

QuickTime 7.2 released, addresses security issues




Apple has released QuickTime 7.2 this afternoon. This release improves functionality, and addresses at least eight highly critical security vulnerabilities, present in both the Windows and the Mac OS X versions of the software.

Technorati Tags: , , ,


posted Wednesday, July 11, 2007 at 03:05 PM Pacific Time


Thursday, June 14, 2007

Apple updates Safari 3 for Windows


In response to a number of exploitable vulnerabilities in the initial release of Safari 3 Public Beta for Windows, Apple has released an update that addresses three highly critical security issues in the browser. All Windows users of Safari 3 Public Beta are urged to install the latest version of the software, Safari 3.0.1, using the Apple Software Update application (Start | Programs | Apple | Apple Software Update).

Technorati Tags: , , , ,


posted Thursday, June 14, 2007 at 09:45 AM Pacific Time


Wednesday, May 09, 2007

Office 2004 for Mac 11.3.5 addresses stability, vulnerabilities


Released yesterday on their monthly "Patch Tuesday", Microsoft Office 2004 for Mac 11.3.5 Update addresses specific stability and security vulnerabilities in Mac OS X-specific Microsoft Office 2004 Standard Edition, Office 2004 Student and Teacher Edition, Office 2004 Professional Edition, Word 2004, Excel 2004, PowerPoint 2004, Entourage 2004.

Technorati Tags: , ,


posted Wednesday, May 09, 2007 at 09:36 PM Pacific Time


Tuesday, May 01, 2007

QuickTime 7.1.6 fixes critical vulnerability




QuickTime 7.1.6 was released today; this update addresses a highly critical vulnerability in QuickTime 7 present in both the Mac OS X and Windows versions of the software. According to the release notes, QuickTime 7.1.6 Update fixes an implementation issue "in QuickTime for Java, which may allow reading or writing out of the bounds of the allocated heap. By enticing a user to visit a web page containing a maliciously-crafted Java applet, an attacker can trigger the issue which may lead to arbitrary code execution. This update addresses the issue by performing additional bounds checking when creating QTPointerRef objects."

Technorati Tags: , , ,


posted Tuesday, May 01, 2007 at 03:38 PM Pacific Time


Tuesday, March 27, 2007

Adobe releases Creative Suite 3 for Mac, Windows


Adobe today announced the availability of Adobe Creative Suite 3, in six different editions, including "Adobe Creative Suite 3 Design Premium and Design Standard editions; Adobe Creative Suite 3 Web Premium and Web Standard editions; and Adobe Creative Suite 3 Production Premium. Rounding out the product line is Adobe Creative Suite Master Collection which combines 12 of Adobe’s new design and development applications in a single box."


Apple Store

The software will be delivered to Mac users in Universal form, meaning it will run on both the aging PowerPC systems, as well as the latest bleeding edge, Intel processor-equipped Mac Pro systems. For Windows users, the software will run under WindowsXP and Windows Vista. According to the press release announcing the release, the software will run significantly faster on Intel-based Mac systems, and Windows hardware. “Creative Suite 3 is the biggest launch in Adobe’s 25 year history and a milestone for the creative industry,” said Bruce Chizen, chief executive officer at Adobe. “This release reflects the powerful integration between Adobe and Macromedia and how our products bridge the gap between designers and developers. With new workflows that streamline collaboration and impact the development of rich content, designers and developers now have the creative license to engage audiences across virtually every medium.”

Technorati Tags:


posted Tuesday, March 27, 2007 at 12:11 PM Pacific Time


Thursday, March 08, 2007

Camino 1.0.4 released; fixes security and stability issues



The Mozilla Foundation has updated their Mac-centric browser, Camino, to fix a number of unspecified security issues, along with various stability problems. Specific issues arising on Intel-based Mac systems were targeted, as well. The release notes for the update detail some of the problems that were resolved with this version:

  • Fixed several critical security and stability issues, including those fixed in version 1.8.0.10 of the Mozilla Gecko rendering engine.
  • Sheets will now close as expected on Intel-based Macs.
  • Upgraded the bundled Java Embedding Plugin to version 0.9.6.
  • Added support for importing iCab 3 bookmarks.
  • Improved the handling of Internet Explorer .url shortcut files.
  • The text of certain security dialogs now contains “Camino” instead of “(null)”.
  • Camino will now make a backup copy of the bookmarks file when it launches if the file is not corrupt.
  • Camino will automatically restore bookmarks from a backup when it launches if they are unreadable.
  • Further improved ad-blocking.

The software can be downloaded directly from the Mozilla Foundation's Camino browser site

Technorati Tags: , , , , , ,


posted Thursday, March 08, 2007 at 11:34 PM Pacific Time


Monday, March 05, 2007

QuickTime 7.1.5 released, patches security issues




Apple has patched eight security issues disclosed in QuickTime and QuickTime for iTunes. The security issues are present in both Mac OS X and Windows Vista/XP/2000 versions of the software. The update addresses the following security issues in QuickTime:

  • QuickTime

    CVE-ID: CVE-2007-0711

    Available for: Windows Vista/XP/2000

    Impact: Viewing a maliciously-crafted 3GP file may lead to an application crash or arbitrary code execution

    Description: An integer overflow exists in QuickTime's handling of 3GP video files. By enticing a user to open a malicious movie, an attacker can trigger the overflow, which may lead to an application crash or arbitrary code execution. This update addresses the issue by performing additional validation of 3GP video files. This issue does not affect Mac OS X. Credit to JJ Reyes for reporting this issue.

  • QuickTime

    CVE-ID: CVE-2007-0712

    Available for: Mac OS X v10.3.9 and later, Windows Vista/XP/2000

    Impact: Viewing a maliciously-crafted MIDI file may lead to an application crash or arbitrary code execution

    Description: A heap buffer overflow exists in QuickTime's handling of MIDI files. By enticing a user to open a malicious MIDI file, an attacker can trigger the overflow, which may lead to an application crash or arbitrary code execution. This update addresses the issue by performing additional validation of MIDI files. Credit to Mike Price of McAfee AVERT Labs for reporting this issue.

  • QuickTime

    CVE-ID: CVE-2007-0713

    Available for: Mac OS X v10.3.9 and later, Windows Vista/XP/2000

    Impact: Viewing a maliciously-crafted Quicktime movie file may lead to an application crash or arbitrary code execution

    Description: A heap buffer overflow exists in QuickTime's handling of QuickTime movie files. By enticing a user to access a maliciously-crafted movie, an attacker can trigger the overflow, which may lead to an application crash or arbitrary code execution. This update addresses the issue by performing additional validation of QuickTime movies. Credit Mike Price of McAfee AVERT Labs, Piotr Bania, and Artur Ogloza for reporting this issue.

  • QuickTime

    CVE-ID: CVE-2007-0714

    Available for: Mac OS X v10.3.9 and later, Windows Vista/XP/2000

    Impact: Viewing a maliciously-crafted Quicktime movie file may lead to an application crash or arbitrary code execution

    Description: An integer overflow exists in QuickTime's handling of UDTA atoms in movie files. By enticing a user to access a maliciously-crafted movie, an attacker can trigger the overflow, which may lead to an application crash or arbitrary code execution. This update addresses the issue by performing additional validation of QuickTime movies. Credit to Sowhat of Nevis Labs, and an anonymous researcher working with TippingPoint and the Zero Day Initiative for reporting this issue.

  • QuickTime

    CVE-ID: CVE-2007-0715

    Available for: Mac OS X v10.3.9 and later, Windows Vista/XP/2000

    Impact: Viewing a maliciously-crafted PICT file may lead to an application crash or arbitrary code execution

    Description: A heap buffer overflow exists in QuickTime's handling of PICT files. By enticing a user to open a malicious PICT image file an attacker can trigger the overflow, which may lead to arbitrary code execution. This update addresses the issue by performing additional validation of PICT files. Credit to Mike Price of McAfee AVERT Labs for reporting this issue.

  • QuickTime

    CVE-ID: CVE-2007-0716

    Available for: Mac OS X v10.3.9 and later, Windows Vista/XP/2000

    Impact: Opening a maliciously-crafted QTIF file may lead to an application crash or arbitrary code execution

    Description: A stack buffer overflow exists in QuickTime's handling of QTIF files. By enticing a user to access a maliciously-crafted QTIF file, an attacker can trigger the overflow, which may lead to an application crash or arbitrary code execution. This update addresses the issue by performing additional validation of QTIF files. Credit to Mike Price of McAfee AVERT Labs for reporting this issue.

  • QuickTime

    CVE-ID: CVE-2007-0717

    Available for: Mac OS X v10.3.9 and later, Windows Vista/XP/2000

    Impact: Opening a maliciously-crafted QTIF file may lead to an application crash or arbitrary code execution

    Description: An integer overflow exists in QuickTime's handling of QTIF files. By enticing a user to access a maliciously-crafted QTIF file, an attacker can trigger the overflow, which may lead to an application crash or arbitrary code execution. This update addresses the issue by performing additional validation of QTIF files. Credit to Mike Price of McAfee AVERT Labs for reporting this issue.

  • QuickTime

    CVE-ID: CVE-2007-0718

    Available for: Mac OS X v10.3.9 and later, Windows Vista/XP/2000

    Impact: Opening a maliciously-crafted QTIF file may lead to an application crash or arbitrary code execution

    Description: A heap buffer overflow exists in QuickTime's handling of QTIF files. By enticing a user to access a maliciously-crafted QTIF file, an attacker can trigger the overflow, which may lead to an application crash or arbitrary code execution. This update addresses the issue by performing additional validation of QTIF files. Credit to Ruben Santamarta working with the iDefense Vulnerability Contributor Program, and JJ Reyes for reporting this issue.

QuickTime 7.1.5 for Mac may be obtained from the Software Update pane in System Preferences, or as a manual download from: http://www.apple.com/quicktime/download/mac.html

QuickTime 7.1.5 for Windows may be obtained from the Apple Software Update application, or as a manual download from: http://www.apple.com/quicktime/download/win.html

Technorati Tags: , , , ,


posted Monday, March 05, 2007 at 03:23 PM Pacific Time


Friday, February 23, 2007

Firefox 2.0.0.2 released, fixes security issues




Firefox 2.0.0.2 was released today by the Mozilla Foundation; the update addresses a number of critical and moderately critical security issues, along with improving compatibility with Windows Vista. According to the release notes, the following security issues were reportedly fixed:
MFSA 2007-07 Embedded nulls in location.hostname confuse same-domain checks
MFSA 2007-06 Mozilla Network Security Services (NSS) SSLv2 buffer overflow
MFSA 2007-05 XSS and local file access by opening blocked popups
MFSA 2007-04 Spoofing using custom cursor and CSS3 hotspot
MFSA 2007-03 Information disclosure through cache collisions
MFSA 2007-02 Improvements to help protect against Cross-Site Scripting attacks
MFSA 2007-01 Crashes with evidence of memory corruption (rv:1.8.0.10/1.8.1.2)

Technorati Tags: , , ,


posted Friday, February 23, 2007 at 06:29 PM Pacific Time


Monday, February 05, 2007

Microsoft Office currently sporting a zero-day vulnerability


Security organization Secunia is reporting the existence of a new, extremely critical vulnerability that is present in many versions of Microsoft Office, including Microsoft Office XP, Microsoft Office 2004 for Mac, Microsoft Office 2003 (all editions), Microsoft Office 2000, Microsoft Excel 2000, Microsoft Excel 2002 and Microsoft Excel 2003. The vulnerability has been classed as "zero-day", due to the presence of in-the-wild exploits available. The current workaround, until Microsoft releases a patch, is to not open untrusted or unrequested Office documents (particularly Excel). Microsoft has a description of the issue, as does Secunia.

Technorati Tags: , , , ,


posted Monday, February 05, 2007 at 10:40 AM Pacific Time


Tuesday, January 23, 2007

Transmit vulnerable to buffer overrun issue


The Month Of Apple Bugs has disclosed a critical vulnerability present in the popular Mac OS X FTP client, Transmit. Transmit 3.5.5, the latest available version, contains a bug affecting the way it handles the SFTP protocol; this mishandling can result in unauthorized code to be launched on the affected system. A good synopsis of the issue has been provided by security organization Secunia, or one can slide over and check out the details, including a recommended workaround, on the Month Of Apple Bugs project website.

Technorati Tags: , ,


posted Tuesday, January 23, 2007 at 09:36 AM Pacific Time


Sunday, December 24, 2006

Parallels Desktop for Mac, Beta2 (Build 3094) released


Numerous enhancements to Parallels Desktop for Mac are included in the most recent update from Parallels. Parallels Desktop for Mac Beta2 (Build 3094) includes enhancements to graphics performance, CD/DVD functionality, USB 2.0, Boot Camp, along with the ability to place Windows applications directly on your Mac's desktop. In fact, you can now launch Windows applications directly from Mac OS X.

Technorati Tags: , , ,


posted Sunday, December 24, 2006 at 04:58 PM Pacific Time


Tuesday, December 19, 2006

Microsoft updates Office for Mac


Microsoft released two updates today for their Mac OS X versions of Microsoft Office. Microsoft Office v. X for Mac Update (2006-12-19) and Microsoft Office 2004 for Mac 11.3.2 Update address issues present in PowerPoint (Microsoft Office v.X & Office 2004) and Entourage (Office 2004)

Technorati Tags: ,


posted Tuesday, December 19, 2006 at 08:47 PM Pacific Time



techsplanations.com


Creative Commons License
the original content of TechSplanations News & Information is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 2.5 License.

Navigation

<<   January 2009   >>
SunMonTueWedThuFriSat
    123
45678910
11121314151617
18192021222324
25262728293031