Mozilla Releases Firefox 34

This week Mozilla released Firefox 34.0.5. Users of this browser will notice that the default search engine in Firefox 34 is Yahoo, rather than Google. Also included in this version are an improved search bar, and the launch of WebIDE (the replacement for App Manager). SSL 3.0 support has been removed from this update due to known security issues.

Read the Notes for Firefox 34.0.5

Adobe Releases Flash Player Update, Delays Reader and Acrobat Fixes

Last week, Adobe released an update for Flash to address a dozen critical flaws. Chrome and IE 11 users will find their versions of Flash automatically updated.  You can see which version you have installed here, or download Adobe Flash Player here.

Fixes for flaws in Reader and Acrobat that had been scheduled to be released last week are delayed until this week so Adobe can conduct further testing.

Read the full story in the news.

Microsoft Security Updates for September 2014

Microsoft is planning to release four updates this Tuesday, September 9, to address various flaws. On the same date Microsoft is also planning to release a new security feature for Internet Explorer (IE), called out-of-date ActiveX control blocking and a new version of the Windows Malicious Software Removal Tool.

Affected software being updated includes Windows, IE (rated critical) and Lync Server.

Read the full story in the news.

December 2013 Security Updates from Microsoft



Today, Tuesday December 10, Microsoft is releasing eleven new security bulletins. Five of the bulletins are rated critical. Microsoft systems affected are:

  • Windows operating systems
  • Office
  • Lync
  • Internet Explorer
  • Exchange
  • Windows Server operating systems
  • Developer Tools

It is recommended to accept the updates. MIT WAUS subscribers will receive the updates after they have been tested for compatibility. Installing the bulletins manually may require a restart.

This is the last update of the year, finishing the 10th anniversary of Microsoft’s formularized process for security updates. Six of this month’s bulletins close potential remote code execution holes. All Windows platforms are affected, from XP to 8.1 and from Server 2003 to 2012. In addition, this month’s Internet Explorer update covers IE 6 through 11.

Adobe Releases Security Updates for Flash, ColdFusion

Adobe-LogoAdobe has released security updates for Flash Player and ColdFusion to address four vulnerabilities. The Flash update is available for Windows, Mac, and Linux. According to Adobe, the updates are not related to the recent theft of ColdFusion source code.

Read the full article online.

Why Patch a Mac?

Apple-LogoAccording to ZD Net, this has been a fairly busy security update season for Mac users. In fact, they say, Mac users have a lot more work involved to keep their systems safe.

There have been patches for the operating systems, for Safari for Mac, for Java and Adobe vulnerabilities, quite a long list compared to previous years.

There really are attacks out there against Macs which exploit vulnerabilities, so accepting and installing these patches is important.

Read the story online.

Oracle Security Patches Released

Last week Oracle released its security update for June 2013, which comprises 40 security updates, with 37 of them addressing vulnerabilities that lead to malware execution. Among the updates is one that fixes a vulnerability found in Javadoc.

Javadoc is a tool that generates frames for online documentation web apps. However, there is a vulnerability in how Javadoc interprets user supplied frames, leaving it vulnerable to frame injection when hosted on a web server. By using the vulnerable variation, and put into a webpage, a user clicking into the frame will be going to a malicious redirection.

The other updates address vulnerabilities in:

  • JDK and JRE 7, 6 and 5.0
  • JavaFX 2.2.21 and earlier

NOTE TO MIT USERS: Before installing Java updates to a computer in the MIT environment, please review this article: Which Java version should I install?


Get every new post delivered to your Inbox.

Join 69 other followers