Adobe, Flash, Patches and updates, Security

Flash 12.0.0.77 released

Leave a comment

Adobe announced a new version of Flash yesterday. Version 12.0.0.77 fixes two security vulnerabilities flagged by Adobe as Important.

As usual, Google Chrome will update itself with the latest version of Flash, while Internet Explorer 10 and 11 on Windows 8 and 8.1 will receive the latest Flash updates via Windows Update.

You can check the version of Flash currently installed on your computer (or more accurately, in your browser), by visiting the About Adobe Flash page, and you can download the new version from the Player Download Center (warning: this page will install additional software by default; make sure to uncheck any optional software checkboxes).

Internet Explorer, Microsoft, Patches and updates, Security, Windows

Microsoft updates for March 2014

Leave a comment

Yesterday was Patch Tuesday, and Microsoft released five updates for Windows, Internet Explorer, and Silverlight. Two of the updates are flagged as Critical. The official summary bulletin has all the technical details, and a post on the MSRC blog has a less technical breakdown of the updates.

As expected, one of this month’s updates fixes the recently-reported zero-day vulnerability in Internet Explorer.

Internet Explorer, Microsoft, Patches and updates, Security, Windows

Advance notification of March updates from Microsoft

Leave a comment

Patch Tuesday for March 2014 happens on March 11. Microsoft currently plans to publish five new bulletins and associated patches starting at 10am PST on that date. The patches will address vulnerabilities in Windows, Internet Explorer, and Silverlight. Two of the patches are flagged as Critical.

One of the patches will fix the Internet Explorer vulnerability recently reported here.

Firefox

Firefox showing serious performance problems

Leave a comment

Is it just me, or is Firefox behaving more like a lead weight than a web browser lately? Since about version 26, any time I browse a media-heavy site, Firefox starts consuming all my CPU, and doing a ton of I/O. This usually calms down after a while, but it’s extremely annoying.

Sometimes the excessive CPU use is associated with playing Flash videos, in which case a task viewer will usually show that it’s the plugin container and the Flash plugin that are consuming all the CPU. But that’s not always the case.

The Flash plugin seems to crash a lot these days as well. Like every other time I play a video in Firefox. Normally, I’d be happy to blame Adobe, but I’m not convinced it’s their fault this time, because Flash is currently working fine in my other browsers.

One other annoyance in recent versions of Firefox is the way animated GIFs play. They stop, start again, play really fast, then really slow, and so on. Eventually they seem to settle down, but it takes a while.

Is anyone else seeing these problems?

Update 2014Mar11: Disabling all my add-ons seems to have resolved this problem. Now to identify which one.

Microsoft, Windows XP

Windows XP will nag you to upgrade after support ends

Leave a comment

Microsoft will prod you to upgrade your Windows XP computers after support for that O/S ends in April.

According to Ars Technica, a message will pop up on the 8th of every month, starting on March 8, 2014. Although this may be viewed as a nuisance by some users, at least the message has a “don’t bother me again” checkbox.

Microsoft is also working on making the transition easier with migration tools and a web site that tells visitors whether they are in fact running Windows XP. And they are encouraging tech-savvy people to assist friends and family with upgrading.

The Windows XP end-of-support site is a good starting point for anyone still running XP.

Microsoft, Security, Windows

Microsoft EMET protection software bypassed

Leave a comment

When a new Windows vulnerability is discovered, and particularly when exploits for that vulnerability are discovered in the wild, a common refrain from Microsoft is “use EMET”. EMET is security software that protects Windows systems from certain types of behaviour common to vulnerability-based attacks.

Installing and configuring EMET properly provides a level of protection beyond that of regular anti-malware software. Well, that was the idea, anyway.

Now it appears that attackers have found a way past EMET. The EMET bypass was discovered by security researchers at Bromium Labs and the details published in a whitepaper.

Malicious hackers are likely to start using this new information soon. Microsoft is working with Bromium Labs, but it may not be possible to prevent the bypass by improving EMET, in which case EMET will be reduced to a minor speed bump for attackers.

Rants and musings on topics of interest. Sometimes about Windows, Linux, security and cool software.

Close

Ad-blocker not detected

Consider installing a browser extension that blocks ads and other malicious scripts in your browser to protect your privacy and security. Learn more.