Google Updates Chrome to 29.0.1547.65

September 2, 2013

Google has released a new version, 29.0.1547.65, of its Chrome browser for all platforms: Mac OS X, Linux, Windows, and Chrome Frame.  The major change in this release is an updated version of the bundled (“Pepper” based) Flash Player plug-in.  More information on the changes is available via the Release Announcement.

Windows and Mac users can get the new version via the built-in update mechanism; Linux users should check their distribution’s repositories for the new version.  If you need to get a complete installation package, you can download it here.


Google Releases Chrome 29

August 21, 2013

Google has released a new major version, 29.0.1547.57, of its Chrome browser for all platforms: Mac OS X, Linux, Windows, and Chrome Frame.  The new version incorporates some additional features:

  • Your profile can be reset to its original state
  • Suggestions offered when you type into the “Omnibox” will weight your recent activity more heavily
  • There are several new APIs for applications and extensions

This release also includes fixes for 25 security vulnerabilities, including at least five rated by Google as High severity.

More information on the changes is available via the Release Announcement.

Because of the security content of this release, I recommend that you update your systems as soon as you conveniently can.   Windows and Mac users can get the new version via the built-in update mechanism; Linux users should check their distribution’s repositories for the new version.  If you need to get a complete installation package, you can download it here.

 


Mozilla Updates Firefox, Thunderbird

August 12, 2013

Last week, the Mozilla organization released a new version, 23.0, of its Firefox browser, for all platforms (Linux, Windows, and Mac OS X).   The new version fixes 13 identified security vulnerabilities.  Mozilla rates four of these as being of Critical severity, and seven as High severity.

In addition, the new version introduces some new and changed capabilities.  It incorporates mixed content blocking, to protect against eavesdropping and “man-in-the-middle” attacks on secure pages.  It also incorporates a new Options panel for the Web Developer Toolbox.

This version also removes the JavaScript options from the Preferences page, and resets all values to the defaults.  (The controls under about:config  still work, but they are for experts.)  The rationale is that, because JavaScript is so widely used, turning it off breaks an unacceptable number of Web pages.  The suggested alternative, for those concerned about JavaScript-based exploits, is to use the NoScript extension, which allows more selective control.  Although my initial reaction to the Preferences change was negative, on reflection I think this approach, with NoScript, really is the better way to go.   I have been using NoScript myself for several years, and recommend it.

For further information on these changes, please see the Firefox Release Notes.  You can obtain the new version using the built-in update mechanism, or download a complete installation package.

Mozilla also released a new version, 17.0.8, of its Thunderbird E-mail client for Linux, Windows, and Mac OS X.  This is a security release, which fixes eight identified vulnerabilities; Mozilla rates two of these as Critical, and six as High severity.  For more information, see the Thunderbird Release Notes.

As with Firefox, you can obtain the new version via the built-in update mechanism, or download a complete installation package.

Because of the security content of these releases, I recommend that you upgrade your systems if you have not already done so.


Security Updates in Thunderbird 17.0.7

June 26, 2013

Mozilla has released a new version, 17.0.7, of its Thunderbird E-mail client, for Windows, Linux, and Mac OS X.  This release includes fixes for eight identified security vulnerabilities, four of which Mozilla rates as Critical. The Release Notes don’t really have much else to say.

Because of the security content of this release, I recommend that you update your systems as soon as you conveniently can. You can get the new version via the built-in update mechanism, or you can download a complete installation package here.


Mozilla Releases Firefox 22

June 25, 2013

Today the Mozilla organization released a new version, 22.0, of its Firefox browser for Linux, Windows, and Mac OS X.  The new version includes some new features:

  • HTML5 audio/video playback rate can now be changed
  • Social services management implemented in Add-ons Manager
  • The WebRTC communications API is now enabled by default
  • Additional optimizations for JavaScript

There are also several miscellaneous improvements, and fixes for 14 identified security vulnerabilities, four of which Mozilla categorizes as Critical.  Further information is available in the Release Notes.

Because of its security content, I recommend that you update your Firefox installations as soon as you conveniently can.  You can obtain the new version via the built-in update mechanism, or you can download a complete installation package, in your choice of language(s).

Update Tuesday, 25 June, 16:25 EDT

This blog post on the Mozilla Blog explains some of the new features in more detail.


Chrome Updates for Other Platforms

June 18, 2013

A few hours ago, I posted a note about the release of version 28.0.1500.45 of Google’s Chrome for the Linux platform.  Now the rest of the conventional PC world has been updated, too, with the Release Announcement for version 27.0.1453.116, for Windows, Mac OS X, and Chrome Frame.

This release incorporates fixes for a “click-jacking” vulnerability with the Flash plugin, and some other unspecified security issues.  It also fixes some other user interface bugs; more detail is available in the Release Announcement.  Although the identified security issue is not too serious (Google rates it as Medium severity), it’s probably a good idea to get the update, which you can do using the built-in update mechanism.

I confess that I am no more enlightened than before about why this update is different from the Linux update; I have no further information on what is actually in the Linux update.


Adobe Updates Flash Player

June 16, 2013

This past week, Adobe issued a Security Bulletin  [APSB 13-16] and a new version of its Flash Player to address several potentially Critical security vulnerabilities.  This  bulletin affects all platforms; according to Adobe, the affected versions of the software are:

  • Adobe Flash Player 11.7.700.202 and earlier versions for Windows
  • Adobe Flash Player 11.7.700.203 and earlier versions for Macintosh
  • Adobe Flash Player 11.2.202.285  and earlier versions for Linux
  • Adobe Flash Player 11.1.115.58 and earlier versions for Android 4.x
  • Adobe Flash Player 11.1.111.54 and earlier versions for Android 3.x and 2.x
  • Adobe AIR 3.7.0.1860 and earlier versions for Windows and Macintosh
  • Adobe AIR 3.7.0.1860 and earlier versions for Android
  • Adobe AIR 3.7.0.1860 SDK & Compiler and earlier versions

You can verify the version of Flash Player installed on your system by visiting the “About Flash Player” page at Adobe’s site.  (The page will also show you the current version numbers of Flash Player for all platforms.)  Updated versions of the player, for Windows, Mac, and Linux platforms, can be downloaded here.  For information on AIR and Android updates, please see the Security Bulletin.

The Flash player is one of the most commonly installed pieces of software on user computers.  Because it is so common, and because it is installed across multiple platforms, it is a very attractive target for the Bad Guys.  I strongly recommend updating your systems as soon as you conveniently can.


%d bloggers like this: