Security Updates for Adobe Reader, Acrobat

In connection with the Security Advisory for Flash Player, Adobe has also released new versions of Adobe Reader for Mac OS X and Windows.   (Reader contains an embedded  version of Flash Player.)  According to Adobe, Reader for UNIX/Linux systems is not affected, nor is the new Adobe Reader X for Windows.  The new versions are 9.4.3 for Windows and Macintosh, for those users who currently have version 9.4.2, and version 10.0.2 for Mac users currently running Reader X, version 10.0.1.   There are also corresponding new versions of the Acrobat product for Windows and Mac.  More detail is available in the Security Bulletin [APSB 11-06].

Reader users on Mac or Windows systems can get the update by using the built-in update mechanism (Help / Check for Updates).   Alternatively, updates for Reader and Acrobat can be downloaded from this page.   Note that these are update packages, not full installation binaries; they assume that you have version 9.4.2 (for Windows), or either version 9.4.2 or 10.0.1 for Mac, already installed.

I recommend installing this update promptly.

Security Updates to Google Chrome

Google has released another new version, 10.0.648.204, of its Chrome Web browser, for Windows, Linux, Mac OS X, and Chrome Frame.  This version fixes six serious security vulnerabilities.  It also includes support for the password manager on Linux, as well as miscellaneous performance and stability fixes.  More information is in the Release Announcement on the official Chrome Releases blog.

I recommend installing this update as soon as you conveniently can. Windows users can obtain the new version via the built-in update mechanism (Help / About Google Chrome). Linux users should be able to get the new version using standard package update tools (e.g., apt-get, synaptic).

Security Update for Adobe Flash

Last week, Adobe issued a Security Advisory about a new critical vulnerability in its Flash Player; Adobe’s AIR product is also affected.   The company has now, as promised released a new version of the player, 10.2.153.1, for Windows, Mac OS X, Linux, and Solaris systems that incorporates a fix for the vulnerability.  A new version of AIR, 2.6, has also been released.  The complete list of affected software versions, according to Adobe, is:

• Adobe Flash Player 10.2.152.33 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems
• Adobe Flash Player 10.2.154.18 and earlier for Chrome users
• Adobe Flash Player 10.1.106.16 and earlier for Android
• Adobe AIR 2.5.1 and earlier for Windows, Macintosh and Linux

More details are available in th updated Security Bulletin [APSB 11-05].

Updated versions of Flash Player can be downloaded from the Adobe download page.  Windows users can, alternatively, use th update mechanism built into the package.  Windows users should also note that they may need two updates: one for Internet Explorer, and one for all other borwsers.  The Google Chrome browser comes with the Flash Player included; Chrome users should be sure that they have at least version 10.0.648.134.   (Google released this version, and the later 10.0.648.151, last week.)   Android users can get the new version from the Android Marketplace.

Users of the AIR package can download the new version here.

Because of its security content, I recommend that you install this update as soon as you conveniently can.

Mozillla Releases Firefox 4

The Mozilla organization has released a new major version of its Firefox Web browser, Firefox 4, for Mac OS X, Windows, and Linux.  This release contains many new features, which are listed in the Release Notes; some of the more significant changes include:

• A new, faster JavaScript engine
• Support for the “Do Not Track”  header
• Inclusion  of Firefox Sync, which allows you to keep bookmark lists on different devices synchronized
• Improvements to HTML 5 support
• Better utilization of graphics hardware

You can download the new version, in many different languages, from this download page.

Update Thursday, March 24, 15:00 EDT

The Internet Storm Center, run by th SANS Institute, has an interesting diary entry on new security features in Firefox 4.

Mozilla has also released a new version, 3.6.16, with security updates, for those who are not quite ready to move to the new major version; the Release Notes for 3.6.16 have more details.

Reality SATs ?

Taking the SAT test is one of the traditional rites of spring for high school students.  It seems that, in a test administration given last weekend, the essay question on some students’ exams has generated some controversy.  (For readers of my approximate vintage who may not know, the SAT was changed in 2005 to include an essay section.  We didn’t have that; you are not having a middle-aged moment.)  It seems that the essay question, or “prompt”, was related to the recent rapid growth in popularity of “reality television” shows.

Many of the negative comments from parents about this question ran more or less along the lines of, “My kid is serious and works hard; (s)he doesn’t have time to watch reality TV.”    There were also similar comments from students.  The College Board, which administers the SAT, said that the prompt contained sufficient information to write a top-scoring essay, and did not require any detailed knowledge of reality TV shows.  Here is the actual question from the exam, as quoted in the Washington Post:

Reality television programs, which feature real people engaged in real activities rather than professional actors performing scripted scenes, are increasingly popular. These shows depict ordinary people competing in everything from singing and dancing to losing weight, or just living their everyday lives.

Most people believe that the reality these shows portray is authentic, but they are being misled. How authentic can these shows be when producers design challenges for the participants and then editors alter filmed scenes?

Do people benefit from forms of entertainment that show so-called reality, or are such forms of entertainment harmful?

In this particular case, I think the College Board has the better argument.  Recall that the purpose of the essay section is to evaluate the student’s ability to formulate an argument, and express it in writing.  I certainly don’t watch reality TV shows — I can’t stand them — but I think I could write an acceptable essay on the basis of this question.  (In fact, I did talk about them a little in the context of the Colorado “Balloon Boy” back in the fall of 2009.)  I also have a bit of difficulty believing that there are high school students leading such sheltered lives that they have never seen one of these shows.   What I find a little disturbing about some of the complaints is the underlying notion that the essay had to be mainly an exercise in regurgitating facts, rather than an expression of ideas.

Alexandra Petri has an amusing blog post at the Washington Post site, on how this will affect the obsessive parent.

Where Does Science Come From?

The “Physics arXiv” blog at Technology Review has an interesting report on a new look at the geographic distribution of scientific research [abstract, PDF available], carried out by Lutz Bornmann at the Max Planck Society in Munich and Loet Leydesdorff at the University of Amsterdam.  The two researchers started with bibliometric data, giving the number of times scientific papers were cited in other research work, and combined them in a “Mash-up” with Google Maps, giving a graphic display of where scientific innovation occurs (to the extent that the citation data captures this, of course)    They also compute a simple measure of the proportion of widely-cited papers (defined as the top decile in citations) to the total number of papers cited.  They have produced maps for papers in physics, chemistry, and psychology; dark green circles show locations with a high proportion of widely-cited papers relative to the total.  The size of the circle is proportional to the total number of papers.  (The initial view of these shows the whole world, which makes seeing details difficult, but they can be zoomed and panned, like any Google map.)

The results don’t reveal anything drastically different from what one might have expected.  There are some places, not especially large (e.g., Cambridge, England and Princeton, NJ) that produce a higher than expected proportion of widely-cited papers.  On the other hand, Moscow produces a lot of physics papers (big circle), but a lower than expected number of widely-cited ones (red circle).

The citation data, of course, is certainly not the last word on the relative importance of scientific research.  But it is interesting to see the data presented in this way.  If nothing else, it seems to suggest that the fear that the US and Europe are somehow “falling behind” in research is a bit overblown.