March 15, 2011
Google has released a new version of its Chrome browser, 10.0.648.134, for all platforms (Linux, Windows, Mac OS X, and Chrome Frame). This release incorporates an updated version of the embedded Adobe Flash Player. The announcement, in the Chrome Releases blog, does not have much detail on what flaws, if any, this update fixes.
I will post any further information I discover here. Given that Flash is a frequent source of security vulnerabilities, I recommend installing this update.
Update Friday, 18 March, 12:03 EDT
According to an article at ThreatPost, the security news blog of Kaspersky Labs, this update to Chrome’s embedded Flash Player fixes the recently discovered security vulnerability, which I posted about earlier this week.
March 15, 2011
Microsoft has released the new version 9 of its Internet Explorer Web browser, for Windows Vista and Windows 7; it is not available for Windows XP. In addition to improved performance and better compliance with Web standards, the new version includes a number of additional security features. (Some of these are outlined in a diary entry at the SANS Internet Storm Center.) Microsoft also has a technical overview page for IT professionals available. As one might expect, there have been a variety of initial reactions, ranging from “ho-hum” to rapture; a few days should see the emergence of some relatively sober appraisals.
You can get the new version from Microsoft’s download page. The SANS diary entry, mentioned above, warns against downloading the software from sites other than microsoft.com, and I agree. On the basis of past experience, this event is almost certain to bring out a bunch of bogus sites, offering mainly malware.
If you are currently running Internet Explorer version 8, I don’t think that there is enormous urgency to upgrade, although it is something you should plan to do. If you are running Internet Explorer 7, or Internet Explorer 6 (shudder!), you should upgrade to at least IE 8, or an alternative browser, such as Mozilla’s Firefox or Google’s Chrome.