A new version of Firefox was released by Mozilla yesterday. Version 35.0.1 includes fixes for various crashing and security issues.
There was no announcement from Mozilla for Firefox 35.0.1. As usual, I learned of the new release from non-Mozilla web sites. The struggle continues.
Although there have been some improvements to the release notes for Firefox, it’s still often difficult to determine whether the items listed changed in the version being discussed, or in a previous version. For instance, while all the items at the top of the list marked as ‘Fixed’ also refer to version 35.0.1, nothing else on the list refers to a specific version. Many of those items do in fact look like they are related to Firefox 35.0. There’s a link to ‘various security issues‘, but again it’s not clear what on that list is specific to version 35.0.1.
Another new version of Google’s web browser was released yesterday. The announcement contains very few details. It’s unclear whether any of the changes are related to security.
Update 2015Jan28: This version includes the recent Flash update (16.0.0.296), making it a critical update.
Initially, the new version was not available from the main Flash download page, although computers with Flash’s automatic update feature enabled did download and install it. As of January 27, the new version is available on the Flash download page.
Anyone using a web browser with Flash enabled should install the new version as soon as possible.
On Thursday, Adobe announced an update that addresses a recently-discovered vulnerability in Flash. According to Adobe, the vulnerability addressed by Flash 16.0.0.287 is CVE-2015-0310.
Anyone using a web browser with Flash enabled should install the new Flash as soon as possible.
Apparently there is at least one additional vulnerability in Flash that affects even the most current version (16.0.0.287) and is currently being exploited in the wild. This zero-day vulnerability is identified as CVE-2015-0311. According to Adobe, they are working on a patch, which should be available in the next few days.
SANS has a useful summary of the recent updates and vulnerabilities related to Flash.
The latest version of Google’s web browser includes fixes for a whopping 62 security issues. Chrome should update itself to version 40.0.2214.91 automatically.
Users are being encouraged to upgrade from Java 7 to Java 8. The download page now offers Java 8 instead of Java 7. Computers configured for Java auto-updates will be automatically upgraded from 7 to 8. And according to Oracle, Java 7 will see its final updates in April 2015.
The latest version of Firefox fixes several security issues and other bugs. Firefox 35 also includes improvements to the new search interface and the built-in ‘Hello’ chat feature.
Anyone who uses Firefox should install the new version as soon as possible.
The latest version of Google’s web browser includes the latest version of Flash (16.0.0.257) as well as some other bug fixes. Anyone using an older version of Chrome should update to version 39.0.2171.99 as soon as possible.
As usual, Google Chrome will update its embedded Flash automatically, and updates for the embedded Flash in Internet Explorer on Windows 8.x will be available via Windows Update.
Anyone using a web browser with Flash enabled should install the new Flash as soon as possible.
Update 2015Jan13: One of the updates in this batch is the source of some ill-will between Microsoft and Google. Google reported a Windows 8.1 vulnerability to Microsoft on October 13, and in keeping with its disclosure policies, made the vulnerability public 90 days later. By the time Microsoft got around to developing a fix, it was too late to make the patch available before the 90 day delay would end. Microsoft apparently asked Google to wait for the patch to be released on January 13, but Google stuck to its policy. Now Microsoft has publicly expressed its displeasure with Google. Information Week has additional details.
Rants and musings on topics of interest. Sometimes about Windows, Linux, security and cool software.
Close
Ad-blocker not detected
Consider installing a browser extension that blocks ads and other malicious scripts in your browser to protect your privacy and security. Learn more.
boot13