Most of the world considers a version increase from 23.x to 24 to represent a major release, with many new and changed features. Not so with Firefox. In the interest of marketing, Mozilla has tossed out anything resembling industry standards for naming Firefox’s version numbers.
Version 24 of Firefox fixes a few minor bugs and adds some very minor enhancements: nothing worthy of a major version increase. Version 24 does include several security fixes, which can be seen on the Security Advisories page.
I suppose it almost goes without saying by now, but the release notes and related announcements for Firefox still leave a lot to be desired (see my post about Firefox 23 for details).
Adobe has released another new version of Flash (11.8.800.174), specifically for web browsers that use the ActiveX version of Flash, which means all versions of Internet Explorer other than IE 10 running on Windows 8.x.
This new version fixes a few small bugs, none of them security-related.
An update for the new Webkit-based variant of the Opera browser was announced on 2013Sep05. Changes in this version are mostly related to stability improvements.
A new version of WordPress was announced yesterday. Version 3.6.1 fixes several security vulnerabilities.
Anyone managing a WordPress site is strongly encouraged to install this update as soon as possible. WordPress sites are already popular targets for nefarious hackers; there’s no point in making things easy for them.
A new version of Java was released yesterday with zero fanfare from Oracle. Presumably that’s because there are no security vulnerability fixes in this release, since normally there would be an announcement on Oracle’s Critical Patch Updates, Security Alerts and Third Party Bulletin blog.
It will be interesting to see what Adam Gowdiak says about this release, since some of the vulnerabilities he has reported still existed in the previous Java release, 7u25. Update 2013Sep24: According to the vendor log on the Security Explorations site, “Oracle provides a monthly status report for the reported issues. The company informs that Issue 69 is fixed in main codeline and is scheduled for a future CPU.” In other words, Issue 69 is STILL not fixed.
Another month, another pile of patches from Microsoft. This month there are fourteen bulletins, addressing security vulnerabilities in Windows, Internet Explorer, Office, and the .NET framework. Four of the bulletins are rated Critical.
As usual, the updates will become available after 10am PST from Windows Update.
Adobe today released version 11.0.04 of Reader and Acrobat. This version fixes eight critical vulnerabilities and should be installed as soon as possible by anyone who uses the affected software to open PDF documents from untrusted sources.
A new version of Flash was announced by Adobe today. Version 11.8.800.168 fixes four critical vulnerabilities. The official release announcement from Adobe provides details on all of the changes in this new version.
Anyone who uses a Flash-enabled web browser should install the new version as soon as possible. That includes anyone who uses Youtube.
The changes in this version will be ported to the Chrome web browser as embedded Flash version 11.8.800.170. Flash updates for Chrome tend to happen silently in the background. You can see what version of Flash Chrome is currently running by browsing to the chrome://flash/ page. Recently, the version of Flash in Chrome mysteriously rolled back to 11.8.800.97, so it will be interesting to see what happens with 11.8.800.170 (Chrome finally updated itself with Flash 11.8.800.170 on 2013Sep18, a delay of one week, which is somewhat alarming. The version of Chrome itself also changed at the same time, to 29.0.1547.76.)
Internet Explorer 10 on Windows 8 also uses embedded Flash code. Microsoft Security Advisory 2755801, now available from Windows Update, patches IE10 on Windows 8 to use the new Flash version 11.8.800.168.
Next Tuesday, September 10th, will see another big pile of patches from Microsoft. Starting at 10am PST on that date, thirteen new updates will become available. Of those updates, four are flagged as Critical and affect Windows, Office and Internet Explorer. Many of the updates are related to security.
Google released another new version of Chrome on Monday. Version 29.0.1547.66 fixes a minor issue with Sync and includes an update for the embedded Flash player. Oddly, Flash seems to have rolled back to an earlier version, from 11.8.800.115 to 11.8.800.97. There has been no explanation from Google so far.
Rants and musings on topics of interest. Sometimes about Windows, Linux, security and cool software.
Close
Ad-blocker not detected
Consider installing a browser extension that blocks ads and other malicious scripts in your browser to protect your privacy and security. Learn more.