A new exploit, targeted at users of older versions of Internet Explorer, recently surfaced. IE 9 and 10 are not vulnerable to this exploit.
Microsoft is working on a patch, but until it’s available, anyone using Internet Explorer 6, 7 or 8 should exercise extreme caution when browsing the web, or – better yet – switch to a different browser such as Firefox, Opera or Chrome.
Unfortunately for anyone still using Windows XP, including a large number of corporate users, recent versions of IE (9 and 10) don’t run on that version of Windows. XP users are strongly encouraged to stop using Internet Explorer.
Details:
Brian Boyko’s 20+ minute animated video is an entertaining – albeit painful – look at the new Microsoft operating system. Spoiler: he hated it. Boyko originally intended to spend several days working with Windows 8, and produce his review on a Windows 8 computer, but he gave up in frustration and made this video instead. The video is worth watching; although some of what he says is admittedly personal opinion, he delves into the science of user interfaces and explains why in some respects, Windows 8 is worse than DOS.
A new version of Opera was made available today. Version 12.12 fixes a few security issues and other minor bugs.
This month’s Ouch! newsletter (PDF) from SANS lists the steps necessary for users to secure their computers. If you’re doing everything on this list, pat yourself on the back. If not, it’s time to take action.
This month there are seven bulletins, addressing twelve issues in Windows, Internet Explorer (including IE 10) and Office. The Microsoft Security Response Center has a useful summary. For the gory details, see the official security bulletin for the December updates over at Technet.
Here are the bulletins:
Adobe has released new versions of Flash for all platforms. Windows users are encouraged to update Flash to the new version: 11.5.502.135.
Internet Explorer 10 and Google Chrome users will get the equivalent patch in the form of updates from Microsoft and Google, respectively.
The new versions fix a serious security issue in Flash.
The latest version of Google’s web browser has a few minor fixes, including one for a bug that caused the browser to crash in certain situations. Several security issues are also addressed in this version.
Microsoft has issued their monthly heads up for December’s patches.
The associated Security Bulletin outlines seven upcoming bulletins that address eleven security vulnerabilities, affecting Windows, Word and Internet Explorer (including IE 10).
The patches will become available at about 10am PST on December 11, 2012.
The latest version of Google’s Chrome web browser includes two security fixes and a few minor non-security fixes.
The latest version of Firefox includes several bug fixes, as well as some performance tweaks. The most notable changes are listed on the version 17.0.1 release notes page, while the 17.0.1 bug fixes page lists every change.
Rants and musings on topics of interest. Sometimes about Windows, Linux, security and cool software.