December 10, 2013
The Mozilla organization today released a new version, 26.0, of its Firefox Web browser, for all platforms: Windows, Linux, and Mac OS X. The new version includes fixes for 14 identified security vulnerabilities, five of which Mozilla rates at Critical severity. There are also some other bug fixes:
- Text rendering on Windows 7 or 8
- Improved page load times
- MP3 back end on OS X
This version also incorporates some new features:
- Java plugins default to “click to play”
- H.264 is supported on Linux
- Password manager supports script-generated password fields
More details are available in the Release Notes.
Because of its security content, I recommend that you update your system as soon as you conveniently can. You can get the new version using the built-in update mechanism, or you can get a complete installation package, in any of 70+ languages, from the download page.
June 25, 2013
Today the Mozilla organization released a new version, 22.0, of its Firefox browser for Linux, Windows, and Mac OS X. The new version includes some new features:
- HTML5 audio/video playback rate can now be changed
- Social services management implemented in Add-ons Manager
- The WebRTC communications API is now enabled by default
There are also several miscellaneous improvements, and fixes for 14 identified security vulnerabilities, four of which Mozilla categorizes as Critical. Further information is available in the Release Notes.
Because of its security content, I recommend that you update your Firefox installations as soon as you conveniently can. You can obtain the new version via the built-in update mechanism, or you can download a complete installation package, in your choice of language(s).
Update Tuesday, 25 June, 16:25 EDT
This blog post on the Mozilla Blog explains some of the new features in more detail.
April 23, 2013
Two new reports have just been released dealing with the state of Internet security; one is from Microsoft, and the other from Verizon. If you are interested in security, I recommend both reports as interesting, if sometimes rather depressing, reading.
Since 2008, Verizon’s RISK Team has published an annual report summarizing security and data breach incidents, and categorizing them on various criteria (e.g., who did it? how was it done?). The 2013 Data Breach Investigations Report [PDF] analyzes data from more than 47,000 security incidents, and 621 confirmed data breaches. This year, the report attempts to assess the prevalence and origins of “espionage” attacks: those whose primary motivation was not mischief, or financial gain, but theft of trade secrets and other intellectual property. There is also an Executive Summary [PDF] available.
I have not had a chance to read these reports yet, but will post further comments here when I have. An essential part of any sensible security analysis is an evaluation of the threats one is guarding against. These reports should provide some information useful in that exercise.
February 19, 2013
The Mozilla organization released a new major version, 19.0, of its Firefox Web browser, for Linux, Mac OS X, and Windows. In addition to the customary updates to the Gecko rendering engine in a major release, this version incorporates several new features and improvements. Probably the most significant change for most users is the inclusion of the new, built-in PDF viewer. (The plan to include a viewer was first discussed back in October, 2011.) Other significant changes include:
- Improved start-up performance
- Better HTML 5 support for cascading style sheet (CSS) capabilities
- Fixes to bugs in WebGL processing, plug-in rendering, and private mode startup
- Fixes for eight identified security vulnerabilities, four of which are rated Critical
Further information is available from the Release Notes.
You can get the new version using the update mechanism built into the browser, either automatically or via Help / About Firefox / Check for Updates. Alternatively, you can get a complete installation package, available in more the 70 languages, from the download page.
Update Wednesday, 20 February, 14:53 EST
The “Webmonkey” blog at Wired has a short article on the new version of Firefox.
January 22, 2013
Google today released a new version, 24.0.1312.56, of its Chrome browser for all platforms: Windows, Linux, Mac OS X, and Chrome Frame. This is a bug fix release, and includes fixes for three specific problems:
- Performance of mouse Wheel scrolling
- Visited links bug
- Windows installation as admin
The new version also includes fixes for five identified security vulnerabilities, three of which Google rates as High severity. More details on the changes are available in the Release Announcement.
Because of the security content of this release, I recommend that you update your systems as soon as you conveniently can. Windows and Mac users can get the new version via the built-in update mechanism; Linux users should check their distribution’s repositories for the new version.