Pale Moon has been updated to version 28.8.1. This is an important security and stability release. In addition to fixes identified as "DiD*, the update addresses CVE-2019-17026, which is being actively exploited. Please update your browser to this version as soon as possible.
*A fix identified as "DiD" ("Defense-in-Depth") means that it is a fix that does not apply to a (potentially) actively exploitable vulnerability in Pale Moon, but prevents future vulnerabilities caused by the same code, e.g. when surrounding code changes, exposing the problem, or when new attack vectors are discovered.
From the Release Notes:
Changes/fixes:
- Fixed a sampling issue in libsoundtouch (DiD)
- Fixed an issue with a new upcoming Windows 10 feature not honoring Private Browsing mode by default (DiD)
- Fixed several stability and memory safety hazards. (DiD)
- Fixed an issue where files could inadvertently be executed with the designated file type handler instead of opened. (CVE-2019-17019)
- Fixed an issue with the JavaScript JIT compiler that could lead to exploitable crashes. (CVE-2019-17026) actively exploited
- Unified XUL Platform Mozilla Security Patch Summary: 2 fixed, 7 DiD, 12 not applicable.
Update: To get the update now, select "Help" from the Pale Moon menu at the upper left of the browser window. Click About Pale Moon and Check for Updates.
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...
No comments:
Post a Comment