Software

The H-Online: Oracle has fixed 14 security holes in the Java Standard Edition (Java SE) with a critical patch update. The vulnerabilities allow attackers to use specially crafted Java WebStart applications or web services in order to install malicious code on computers that run flawed versions of Java. Oracle says that such flawed versions are particularly likely to exist on Windows computers because Windows users tend to have admin privileges. The risk is smaller under operating systems such as Linux and Solaris, the company added. ...

The H-Online: Adobe has updated Shockwave Player on Windows and Mac OS X to version 11.6.4.634 after identifying nine critical vulnerabilities. The problems affect Shockwave Player 11.6.3.633 and all earlier versions on Windows and Mac OS X – Adobe recommend updating to the new release by downloading it from get.adobe.com/shockwave. To identify whether Shockwave Player is installed on a system, users should visit the test page on Adobe’s site. ...

The H-Online: Opera has published a development snapshot of version 12 of its web browser that adds support for Mozilla’s “Do Not Track” (DNT) header. Code-named “Wahoo”, the unstable release is the first from Opera to support the DNT header, which signals web sites that the browser user wishes to opt-out of online behavioral tracking; online advertising networks use cookies and other web technologies to recognize internet users and serve them tailored advertising. Support for DNT in Opera 12 is currently disabled by default. Users can enable it in the preferences dialogue by selecting “Preferences > Advanced > Security > Ask websites not to track me”. ...

The H-Online: Mozilla has released Firefox 10.0.1, Firefox ESR 10.0.1, Thunderbird 10.0.1, Thunderbird ESR 10.0.1 and SeaMonkey 2.7.1 to fix a single critical security hole in the browsers and mail clients which appeared in version 10. The security advisory says that versions previous to Firefox 10, Thunderbird 10 and SeaMonkey 2.7 are unaffected by the use after free problem. The problem was discovered by Mozilla developers and causes a “potentially exploitable” crash in nsXBLDocumentInfo::ReadPrototypeBindings. Updates are available through Firefox, Thunderbird and SeaMonkey’s automatic update system and can be made to install by bringing up the “About” dialogue for the relevant application and selecting the “Apply Upgrade” button when it appears. Firefox and Thunderbird 10 were released at the end of January. ...

gHacks: Mozilla, developers of the popular Firefox web browser, have just released an update for the browser’s stable branch that moves the version to 10.0.1. The release may come as a surprise to users of Firefox 10, who were updated to that version only ten days ago. This is not the first occurrence that a critical update is released shortly after a major version upgrade of the web browser. Similar updates had to be delivered after the release of Firefox 9 and Firefox 8. ...

LifeHacker: Google is releasing a major update to Chrome today that will make browsing the web seem faster and also add security protections. Chrome 17 (17.0.963.46) pre-renders pages in the background when you type in the URL in the omnibox address bar so the site will appear to come up almost instantaneously. Chrome also now scans download executable-s (e.g., “.exe” and “.msi” files) and warns you if it thinks the file is malicious. ...

Mashable: Skype for Windows version 5.8 is out, bringing several interesting features, including full HD video-calling, group screen sharing and Facebook integration. Full HD video calls will be most useful to those who own a HD webcam, for example Logitech C920 which does the video encoding itself thus improving HD video quality on older computers. Video calling for Facebook works even with users who don’t use Skype. To start a video call with a Facebook buddy, select the person in your list and click “video call.” ...

The H-Security: Following the release of new versions of its open source Firefox web browser, Thunderbird email client and SeaMonkey suite, Mozilla has detailed the security fixes included in each of the updates. According to the project’s Security Center page for Firefox, version 10.0 closes a total of 8 security holes in the browser, 5 of which are rated as “Critical” by Mozilla. ...

Newest Opera browser features tab stacking, extensions, visual mouse gestures Oslo, Norway — December 16, 2010 Opera Software debuted the newest version of its award-winning browser today. Opera 11 combines elegant design, smart updates to some of our most popular features and new ways to customize Opera to your preferences. Download it today for Windows, Mac and Linux computers from http://www.opera.com/. ...

This week Apple announced the availability of QuickTime 7.6.9 for OS X 10.5 and Windows platforms. This release fixes 13 vulnerabilities in QuickTime for OS X Leopard and 15 vulnerabilities on the Windows platform. Keep in mind that if you use iTunes it requires that you install QuickTime as well, so be sure to check for updates. Apple has provided a direct download link for IT folks at http://www.apple.com/quicktime/download/. All 13 vulnerabilities for OS X can cause unexpected application termination (what you and I call a crash, but you can’t say crash on a Mac) or arbitrary code execution (make QuickTime run programs… BAD). ...