Category Archives: Patches and updates

Adobe, Flash, Patches and updates, Security

Flash 20.0.0.267 fixes numerous security issues

Leave a comment

There’s a holiday present from Adobe in the form of yet another new version of Flash. This one fixes at least nineteen security vulnerabilities – including one that is currently being exploited on the web – as well as a few other bugs. There are additional details in the release notes.

As usual, Chrome and Internet Explorer will get the new version via their own update mechanisms.

If you use Flash in a web browser, push that plate of turkey leftovers to the side and install the new Flash ASAP.

Update 2016Jan02: On January 1, Adobe released another version of Flash, this time just for the ActiveX version used in older versions of Internet Explorer on Windows 7 and earlier. According to the updated release notes, Flash 20.0.0.270 includes one change: “Fixed loading problem with Flash Player in embedded applications”.

Firefox, Patches and updates, Security

Firefox 43.0.2

Leave a comment

Firefox 43.0.2 was released on December 22, with no announcement at all. I learned about the new version when my copy of Firefox offered to update itself. The release notes say only that the new version includes a new security certificate for Windows. The notes also mention “Various stability and security fixes”, but the linked Security Advisories page lists security fixes for all of Firefox 43. Presumably at least one security issue was fixed in 43.0.2, but it’s not clear.

Microsoft, Patches and updates, Windows 10

Windows 10 Insider Preview Build 11082

Leave a comment

It could be argued that it’s unfair to talk about problems with Windows 10 preview builds, since they are provided to us for testing purposes and expected to have issues. I hold the opposite view: everyone is better off if we report problems as publicly as possible. But I’ll try to stick to the facts and avoid complaining.

With the arrival of Windows 10 Insider Preview Build 11082, my test PC started doing some very weird things. The extent to which these problems are specific to my hardware remains unclear.

  • On logging in for the first time after the new build was installed, Windows reported that the application CCleaner was not compatible with the new Windows build, and had been removed. CCleaner (formerly CrapCleaner) is primarily a tool for removing junk and temporary files from Windows systems. The message pointed to this page, which says “If you try to use this app with Windows Insider Preview , it might not work correctly or might not work at all.” Not too helpful. I reported the problem to the CCleaner developers.
  • Normally, when File Explorer copies, moves, or deletes files, it displays a progress dialog. Those dialogs no longer appear. File operations still work, but there’s no visual indication of what’s going on.
  • Audio stopped working completely. A reboot didn’t help. Powering off the computer completely and then back on did fix the problem. There was nothing in the Windows events logs to point to a possible cause.

None of these issues are show-stoppers for me. I used the Windows 10 Feedback app to report the File Explorer dialog problem.

This is the first Windows 10 preview build with which I’ve had any serious problems, aside from privacy concerns. It will be interesting to see how quickly Microsoft responds.

Update 2015Dec21: The CCleaner developer responded to my report, saying that they have received similar reports and that they are looking into it.

Firefox, Flash, Patches and updates

Firefox 43.0.1

Leave a comment

A single minor change seems to be the only reason for the Firefox 43.0.1 release yesterday. The release notes describe the change as preparation “to use SHA-256 signing certificate for Windows builds”. This does not appear to be a security-related change, so there’s no hurry to update.

Mozilla has improved the look of Firefox’s release notes pages, but there has been no functional improvement. For instance, while there is a link to the ‘complete list of changes‘, that link goes to the Bugzilla bug tracking system, which is not easy to parse for non-technical users. Worse, it shows all changes in Firefox 43, not just 43.0.1, and there’s no way to search for changes to 43.0.1 only.

As usual, there was no proper release announcement for this version. There wasn’t even a vaguely-corresponding post on the Mozilla blog.

On my test computer, when the Firefox 43.0.1 update finished installing, Firefox displayed a web page with a brief video and an underlying announcement, about Firefox 43’s new privacy features, and ‘new’ Pocket integration. Which seems weird, because Pocket integration was also announced for Firefox 38.0.5 in June.

In other Firefox-related news, Mozilla recently pointed to an announcement from Netflix in a blog post titled ‘Firefox Users Can Now Watch Netflix HTML5 Video on Windows‘. This is an important change, because it’s no longer necessary for Firefox users to install and use Flash to watch Netflix content.

Firefox, Patches and updates

64 bit Firefox finally arrives

1 Comment

Something I neglected to mention about the recent Firefox 43 release: there is finally an official, 64-bit version of the browser. There have been unofficial and/or experimental 64-bit versions in the past, but they were abandoned for various reasons and never made it to prime time.

Those of you with modern computers who are running a 64-bit operating system have the option of installing the 64 bit Firefox or sticking with the traditional 32-bit version. The two versions look and act exactly the same, and I don’t think it’s likely that any particular advantage will be gained by switching to the 64-bit version. However, some people (you know who you are) are excited about this long-promised Firefox version.

Patches and updates, Security, WordPress and other CMS

Critical security fixes for Joomla

Leave a comment

Sites running the popular web Content Management System (CMS) Joomla have been targeted by large-scale attacks recently. Joomla’s developers have responded by publishing a fixed version, Joomla 3.4.6.

Anyone who operates a Joomla-based web site should stop what they’re doing and install the necessary updates immediately.

Update 2015Dec23: Joomla developers discovered that a bug in PHP – the language in which Joomla is developed – would likely lead to more vulnerabilities in Joomla. The PHP bug has been fixed, but that won’t help sites that are running older versions of PHP. Recognizing this, the Joomla developers released another update (Joomla 3.4.7) that addresses the underlying vulnerability.

Adobe, Patches and updates, Shockwave

Shockwave player 12.2.2.172

Leave a comment

According to FileHippo’s release history for Adobe Shockwave Player, Shockwave 12.2.2.172 was released on November 25, 2015.

The official download page for Shockwave confirms that the latest version is 12.2.2.172. Unfortunately, the official release notes for Shockwave show the latest version as 12.2.1.171.

Worse still, Adobe’s Shockwave version checker page tells me this: “Sorry, your computer does not have the latest Shockwave Player installed. Please go to step 2. (Your version:12.2.2.172 Latest Version:12.1.9.159)” It’s trying to tell me that 12.1.9.159 is the latest version (it isn’t) and that the version I’m running (which is in fact the latest version) is both out of date and somehow older than a version which is clearly the older of the two (12.1.9.159 is older than 12.2.2.172).

Hey Adobe: it’s hard enough to keep our software up to date without you sending us mixed messages.