TechBlog

Fulfilling the hints Microsoft dropped back in March, the Redmond software company unveiled the first platform preview of Internet Explorer 10 at MIX 11 in Las Vegas on Tuesday. This first preview of Internet Explorer 10 builds on the big HTML5 push that began with IE9, and adds support for more advanced Web standards, such as CSS3 Gradients as background images, and CSS3 Flexible Box and multi-column layout. Microsoft said code refreshes will take place approximately every twelve weeks for IE10. ...

BetaNews: Google found itself fending off criticisms from competitor Microsoft on Monday over whether or not its Google Apps product truly had an important government security clearance. Called the Federal Information Security Management Act (FISMA) standard, the Mountain View, Calif. company claimed on its webpage that the Government version of Apps had it. It didn’t. Instead, Google Apps Premier had the proper certification, while the more restrictive Government version was still in the process of getting FISMA certified. This is required by some government agencies in order to participate and win bids for any IT contract. ...

H-Online: In a post on the project’s security announce mailing list, Ubuntu Release Manager Kate Stewart has reminded users that the desktop version of Ubuntu 8.04 LTS, code named Hardy Heron, will reach its end of life in May. Version 8.04 of the Debian-derived Linux distribution was released on 24 April 2008. Based on the 2.6.24 Linux kernel, it placed a stronger focus on stability and ease of use, rather than on new features, and included the GNOME 2.22 desktop environment, as well as a new installer that allowed Ubuntu to be installed directly under Windows without having to boot from CD or re-partition the hard disk. Built-in applications included version 2.4 of the OpenOffice.org office suite, Firefox 3.0 Beta 5, the F-Spot photo manager and the GIMP image editor. After 12 May 2011, no new updates, including security updates and critical fixes, will be available. The server edition of Ubuntu 8.04 LTS will continue to be supported until May 2013. ...

H-Online: It’s a record for Microsoft: 9 critical and 8 important updates close a total of 64 security holes. In the worst case, a number of the vulnerabilities allow for remote code execution; in other words, arbitrary code can be injected and executed, such as from specially crafted documents and websites. Microsoft put 44 of them in the category Exploitability Index 1, meaning that the code that exploits the flaw will probably go into circulation soon. ...

H-Online: In a post on their home page, the Flock developers have announced that support for their Chromium-based social web browser will officially be discontinued on 26 April 2011. Thanking their “loyal users” for their support, the developers encourage the Flock community to migrate to another browser. Flock began life as a cross-platform browser start-up in April 2005. Distinguishing itself from other browsers, Flock automatically managed updates and media from several popular social services, including MySpace, Facebook, Bebo, Digg, YouTube and Twitter. ...

SophosLabs: Are you in the habit of having complete strangers email you naked pictures of themselves? That’s the only reason I can think of that you can legitimately explain why your computer has been infected by the latest malware attack that has been spammed out around the world. Users are seeing messages in their inbox, which attempt to trick recipients into opening the attached file with the promise of a nude photo. ...

Mozilla Links: Mozilla has announced that it will release the first update for Firefox 4 on April 26, about a month after the original release, back in March 22. New with this release is that Mozilla will start using code names (somehow related to the main branch codename, in this case Tumucumaque) for udpates as well, as a way to help developers that follow Firefox development closely, more clearly understand what is coming when. ...

H-Online: Following on from last week’s S3M vulnerability in the VLC media player, a new advisory warns of a buffer overflow when playing MP4/MPEG-4 files.The bug, reported by Aliz Hammond, requires that a user open a specially crafted MP4 file. According to Secunia, the vulnerability is found in the MP4_ReadBox_skcr()function in the demultiplexer and is rated as “highly critical”. All versions from 1.0.0 to 1.1.8 are affected by the problem. ...

SophosLabs: Criminals and scammers on Facebook aren’t resting on their laurels… in fact, they are branching out and using multiple techniques all rolled into one scam. Tonight’s blockbuster spam is taking on several guises. One version is a likejacking attack that spams your wall with the message “Dad walks in on daughter… EMBARRASING!!!” and “This really has to be an awkward moment.” They seem to be quickly rotating through a long list of Google (goo.gl) short URLs to evade detection. ...

Avira TechBlog: Adobe released a security advisory in which it warns from a zero-day vulnerability within current version of Adobe Flash Player, Reader and Acrobat. Affected are Flash Player 10.2.153.1 and earlier versions for Windows, Mac, Linux and Solaris, the current version integrated in the Chrome web browser, and 10.2.156.12 and earlier versions for Android. The authplay.dll component of current and older version of Adobe Acrobat and Reader are also affected; according to Adobe, the sandbox of Acrobat Reader X prevents from execution of malicious payloads though. ...