boot13The latest version of Chrome includes 23 security fixes, along with several other fixes and stability improvements.
Opera 21.0.1432.67 released
The latest version of the Webkit-based Opera browser contains several fixes for stability issues. There are apparently no security-related fixes in this version.
Chrome 34.0.1847.137 released
Yesterday, Google announced the latest new version of its web browser. Chrome 34.0.1847.137 includes fixes for three security vulnerabilities, as well as the latest version of the embedded Flash viewer.
Adobe Patch Tuesday for May 2014
Adobe has settled into a routine of publishing updates for its software on the second Tuesday on each month, in line with Microsoft’s practices. Today Adobe announced updates for Flash and Reader/Acrobat.
Both the Flash bulletin and the Reader/Acrobat bulletin are a bit light on details, saying only that the updates address critical vulnerabilities in the software.
The release notes for the new version (13.0.0.214) of Flash go into more details, although most of the information is about new features.
As usual, Google Chrome and Internet Explorer on Windows 8.x will be updated automatically and via Windows Update, respectively.
Microsoft Patch Tuesday for May 2014
This month’s crop of updates addresses thirteen vulnerabilities in Windows, Office, Internet Explorer, SharePoint and .NET.
There are eight bulletins, with two of them being flagged as Critical.
There are no updates for Windows XP this month, so it looks like Microsoft really has put the final nail in XP’s coffin.
The summary bulletin on the TechNet Security TechCenter has all the gory details. As usual, there’s a friendlier summary on the MSRC blog. The SANS Handler’s Blog has a slightly different take on this month’s updates.
Firefox 29.0.1 released
On May 9, a new version of Firefox was released by Mozilla. Since version 29.0.1 is considered a minor (‘dot’) release, there was no formal announcement.
The release notes provide some clues as to the changes in 29.0.1. A few minor bugs were fixed, but none of them appear to be security-related. The colour of unselected tabs was changed to make them more visible than they are in Firefox 29.
Pre-notification of updates for Adobe Reader
Adobe has issued a pre-notification of updates for Acrobat and Reader software that are expected to be made available on May 13.
The updates address critical security vulnerabilities in Reader and Acrobat.
Advance notification for May 2014 Patch Tuesday
Next Tuesday we’ll find out whether Microsoft is going to stick to its original plan and stop providing Windows XP security updates to us ordinary folks.
According to the Advance Notification post on the MSRC blog, this month’s updates will include eight bulletins, with two of those being Critical. The updates affect the usual suspects, including Windows, Office, Internet Explorer and .NET.
The more technical Advance Notification security bulletin on the TechNet Security Tech Center blog definitely does not list Windows XP anywhere.
WordPress 3.9.1 fixes 34 bugs
Version 3.9.1 of WordPress was announced yesterday.
The new version consists of fixes for several minor bugs. None of the changes are related to security.
WordPress sites will update to the new version automatically, unless the Auto Update feature is disabled.
DropBox issue exposes private documents
Security researchers recently discovered a flaw in DropBox that could allow access to users’ private documents in certain circumstances. DropBox responded quickly to fix the vulnerability. It’s not clear whether the vulnerability was known to – or exploited by – any nefarious persons.
If you use DropBox, you should review your Shared Links settings and restrict shared links to collaborators only.