Tag

Security Update

Browsing

Opera Software has released Aura technology powered Opera 21 for Windows and Mac OS X users. If you are wondering what Aura actually is? Here’s a simple explanation of Aura technology. Aura lets the desktop edition of the popular Opera web browser to use hardware-acceleration for the web browser including the user interface. Only the Windows edition of Opera uses the Aura technology while Opera for Mac uses Apple Core Animation technology to meet the same effects. Download Opera browser for Windows and Mac.

Microsoft has issued an out-of-cycle security update for Internet Explorer vulnerability (Security Advisory 2963983) uncovered on Saturday, April 26, 2014. Microsoft even issued the fix for Windows XP (which is now no longer supported by the company), running Internet Explorer. This vulnerability was so severe in nature that IE users were asked to use an alternative browser for the time being until an official fix is issued. The US and UK even issued warnings about using Microsoft Internet Explorer web browser.

The security update for the Internet Explorer vulnerability was delivered at 10 a.m. Thursday, May 1, 2014. The security issue affected all versions of Internet Explorer, starting of the age-old Internet Explorer 6 through the latest version Internet Explorer 11. The vulnerability could allow remote code execution if a user views a specially crafted webpage using an affected version of Internet Explorer. After successfully exploited, the attacker could gain the same user rights as the current user. If the current user has fewer rights the impact will be less in comparison to users who have administrative user rights.

Apple has released OS X 10.8.4 update to fix bugs and close many security holes. The update includes Safari 6.0.5 update which fixes security issues found in the browser. A security update for earlier Mac OS X versions, Security Update 2013-002, was also released along.

According to the security advisory released by Apple, OS X Mountain Lion v10.8.4 and Security Update 2013-002 update fixes 31 vulnerabilities in the operating system. Further 26 security issues were fixed in Safari 6.0.5.

Adobe has released security updates for Adobe Flash Player for all platforms. Adobe Flash Player 11.5.502.149 security update is released for Windows and Macintosh, Adobe Flash Player 11.2.202.262 for Linux, Adobe Flash Player 11.1.115.37 for Android 4.x, and Adobe Flash Player 11.1.111.32 for Android 3.x and 2.x are released. Security update for Windows and Macintosh addressed issues which are rated critical by Adobe. For all supported platforms, these updates addresses vulnerabilities referred as CVE-2013-0633, CVE-2013-0634 (details later). These vulnerabilities could potentially allow an attacker to take control of the affected computer system and may cause a crash.

Out of the two vulnerabilities discovered in Adobe Flash Player, Adobe reports that CVE-2013-0633 is being exploited in the wild. It is a targeted attack designed to trick a user to open a Microsoft Word document. The document is sent via email and has malicious Flash (SWF) content. It targets the ActiveX version of Flash Player on Windows. Similarly, Adobe reports that CVE-2013-0634 is also being exploited in the wild. The attacks targeting this vulnerability is delivered via malicious Flash (SWF) content hosted on websites that target Flash Player in Firefox or Safari on the Macintosh platform. It can also affect Windows users in similar way as CVE-2013-0633.

Microsoft has released Security Bulletins for January 2013. This is the first “Patch Tuesday” of 2013 and as we do every month, bringing you details of the security bulletins that get released, along with details of how you should deploy the security bulletins. For Patch Tuesday of January 2013, Microsoft has released seven security bulletins. Out of the seven bulletins, two are rated critical, the maximum severity rating, the rest five bulletins are rated as important, which is the next highest possible severity rating. Six of the seven security bulletins fix issues in Windows operating system, two security bulletins fix issues in the .Net Framework and Microsoft Server Software, and the one left fixes issues in Microsoft Office and Developer Tools.

Microsoft has released December 2012’s Patch Tuesday. The year end’s Patch Tuesday has seven security bulletins that fixes vulnerabilities in various Microsoft products. Out of the seven security bulletins, five are rated critical, which is the maximum severity rating by Microsoft. The rest two bulletins are rated as important on the severity rating scale. The seven security bulletins of this month’s Patch Tuesday addresses 12 vulnerabilities in Microsoft Windows, Microsoft Office and Windows Server.

Windows RT will also be updated through two different updates (KB2753842, KB2779030), both of them being rated as “critical” in the severity scale. The updates for Windows RT brings improvements to Microsoft Surface which includes increased WiFi reliability, improved connectivity. Performance improvements includes support for access point names that use non standard ASCII characters. The update also reduces scenarios which resulted in limited WiFi connectivity.

For this month’s (October 2012) Patch Tuesday, Microsoft has released a total of seven patches to fix one critical and six important issues found in Windows, Office and some of its other products. If you have set Windows to automatically receive updates, Windows Update must have automatically installed the recommended updates.

“MS12-064 (Microsoft Word): This security update resolves two issues in Microsoft Office. This bulletin has a severity rating of Critical and can result in remote code execution. Only one of the two issues addressed by this bulletin is rated Critical, but in that case, an attacker could run code in the context of the logged-on user if they were to open a specially crafted Rich Text Format (RTF) file or previews or open a specially crafted RTF email message,” a Microsoft statement reads.

Microsoft has issued nine security bulletins as advanced bulletin notification for July 2012 Patch Tuesday. The nine security bulletins fixes 16 issues in the Windows operating system, Internet Explorer, Visual Basic for Applications, and Microsoft Office.

Out of the nine security bulletins of July 2012 Patch Tuesday, Microsoft has rated three of the security bulletins; MS12-043 (Microsoft XML Core Services), MS12-045 (Microsoft Data Access Components ), MS12-044 (Internet Explorer), as critical. The remaining six, MS12-046, MS12-048, MS12-047, MS12-049, MS12-050 and MS12-051 as important. Almost all the patches except one will need a system restart.

Microsoft has issued “Patch Tuesday” for June 2012. Total seven security bulletins are released. These seven bulletins address security issues in Windows, Internet Explorer, and the .NET Framework. Three of these seven bulletins are rated critical, the highest possible rating by Microsoft. The remaining four bulletins are rated as important.

Important: Users should update their system as soon as possible since a critical IE vulnerability which Microsoft has patched in this month’s Patch Tuesday is under active exploit.

Microsoft on April 10, 2012 ends Mainstream support for Windows Vista as well as Office 2007. Extended support for both Windows XP and Office 2003 ends in two years on April 8, 2014.

According to Microsoft Support Lifecycle policy, Microsoft will offer a minimum of 10 year support for Business, Developer and Desktop Operating System products. The Redmond software giant further divides this 10 years of support in two stages: “Mainstream Support” and “Extended Support.”