Microsoft has updated the advisory for MS09-054, a cumulative security update for Internet Explorer, to describe its impact on Firefox users. The first version failed to mention any impact, leading to what may have been an overreaction on Mozilla's part. An entry on Microsoft's Security Research & Defense blog goes into the matter further. The bottom line: Firefox users should apply MS09-054, even though it's labeled as an update for IE.
Mozilla developers have launched a new online tool that tells Firefox users whether popular add-on components such as Java or QuickTime are up to date.
Mozilla has expanded on the plans it acknowledged yesterday to check the version of Flash you are running to make sure that it's not outdated.
Microsoft has released 5 security bulletins for Windows and updates to address the 8 vulnerabilities described in them. All 5 bulletins have a maximum severity rating of "critical," but some Windows versions are affected more severely than others. The recently announced vulnerability in the IIS FTP service is not addressed, nor is this morning's new SMB2 vulnerability.
Attack surface is a term used to convey the amount of code available to attackers in a program. As a general matter, the more features added to a program, the greater the attack surface. For example, adding a web server to your web browser? You increase the attack surface.
Due to a bug rated "High" severity, Mozilla has released new versions of the Thunderbird mail client and SeaMonkey Application Suite. Thunderbird 2.0.0.22 and SeaMonkey 1.1.17 are available for download or through the Updates menus.
Despite new tools that speed deployment, many administrators are still far behind.
A San Jose Mercury News report says that over 300 hospital devices, including MRI systems, were infected with the Conficker worm and were attacking other devices on the network.
Microsoft released Internet Explorer 8 to Windows Update yesterday as part of a flurry of generally non-security updates. IE8 shows up as a "High-priority" update.