Security Garden

Thursday, September 18, 2014

Mozilla Firefox Version 32.0.2 Released

Tweet This



Firefox

Mozilla sent Firefox Version 32.0.2 to the release channel in order to repair a critical bug:

Bug 1063052 - Firefox 32+ startup crash in nsFrame::BoxReflow

What’s New

  • Fixed -- 32.0.2 - Corrupt installations cause Firefox to crash on update

Known Issues

  • unresolved -- Assistive technologies may cause performance issues on Windows XP

    Update

    To get the update now, select "Help" from the Firefox menu at the upper left of the browser window, then pick "About Firefox."  Mac users need to select "About Firefox" from the Firefox menu.

    If you do not use the English language version, Fully Localized Versions are available for download.

    References




    Remember - "A day without laughter is a day wasted."
    May the wind sing to you and the sun rise in your heart...








    Tuesday, September 16, 2014

    Adobe Reader Critical Security Update

    Tweet This

    Adobe
    Adobe has released security updates for Adobe Reader and Acrobat XI (11.0.08) and earlier versions for Windows and 11.0.07 and earlier versions for Macintosh.  The update was delayed from last week to address issues identified during routine regression testing. 

    These updates address a vulnerability that could allow an attacker to circumvent sandbox protection on the Windows platform.  Adobe Reader and Acrobat for Apple's OS X are not affected.

    Release date: September 16, 2014
    Vulnerability identifier: APSB14-20
    CVE numbers: CVE-2014-0560, CVE-2014-0561, CVE-2014-0562, CVE-2014-0563, CVE-2014-0565, CVE-2014-0566, CVE-2014-0567, CVE-2014-0568
    Platform: Windows and Macintosh

    Update or Complete Download

    Update checks can be manually activated by choosing Help > Check for Updates.
      Note: UNcheck any pre-checked additional options presented with the update. They are not part of the software update and are completely optional.

      Windows XP


      If you are still using Windows XP and have Adobe Reader installed, please note that there will be no additional security updates for it.  I suggest uninstalling it and install an alternate reader.  Personally, I like Sumatra PDF.  It isn't a target and doesn't include unwanted extras with the install or updates.  (See Replacing Adobe Reader with Sumatra PDF.)  Adobe Reference:  End of support | Acrobat and Reader for Windows XP

        Enable "Protected View"

        Due to frequent vulnerabilities, it is recommended that Windows users of Adobe Reader and Acrobat ensure that Protected View is enabled.  Neither the Protected Mode or Protected View option is available for Macintosh users.

        To enable this setting, do the following:
        • Click Edit > Preferences > Security (Enhanced) menu. 
        • Change the "Off" setting to "All Files".
        • Ensure the "Enable Enhanced Security" box is checked. 

        Adobe Protected View
        Image via Sophos Naked Security Blog
        If you are looking for a replacement for Adobe Reader, consider Replacing Adobe Reader with Sumatra PDF.

        References




        Home
        Remember - "A day without laughter is a day wasted."
        May the wind sing to you and the sun rise in your heart...




        Friday, September 12, 2014

        Mozilla Firefox Version 32.0.1 Released

        Tweet This



        Firefox

        Mozilla sent Firefox Version 32.0.1 to the release channel, fixing several issues.

        What’s New

        • Fixed -- 32.0.1 - Stability issues for computers with multiple graphics cards
        • Fixed -- 32.0.1 - Mixed content icon may be incorrectly displayed instead of lock icon for SSL sites
        • Fixed -- 32.0.1 - WebRTC: setRemoteDescription() silently fails if no success callback is specified


        Known Issues

        • unresolved -- Assistive technologies may cause performance issues on Windows XP

          Update

          To get the update now, select "Help" from the Firefox menu at the upper left of the browser window, then pick "About Firefox."  Mac users need to select "About Firefox" from the Firefox menu.

          If you do not use the English language version, Fully Localized Versions are available for download.

          References




          Remember - "A day without laughter is a day wasted."
          May the wind sing to you and the sun rise in your heart...