[IS&T Security-FYI] SFYI Newsletter, March 15, 2011
Monique Yeaton
myeaton at MIT.EDU
Tue Mar 15 12:21:07 EDT 2011
In this issue:
1. Two Browser Updates from Last Week
2. Microsoft and Security
----------------------------------------------------
1. Two Browser Updates from Last Week
----------------------------------------------------
Safari 5 Update:
Last week Apple issued a large update for its Safari web browser. The update fixes a total of 62 security issues in Safari 5 for Mac and Windows, and brings the most current version to 5.0.4. Fifty-six of the flaws could be exploited to allow arbitrary code execution. On the same day, Apple issued an update for its iOS, bringing the most recent version of its mobile operating system to 4.3, which addresses most of the same flaws in the Safari update.
Read the story in the news:
<http://www.computerworld.com/s/article/9213939/Apple_patches_62_bugs_in_massive_Safari_update>
Google Chrome 10:
Also last week, Google released Chrome 10 to the stable channel, making the update available to all users. Google Chrome 10 supports password sync and also comes with the latest Flash player (10.2).
Read the story in the news:
<http://techie-buzz.com/browsers/download-google-chrome-10.html>
--------------------------------
2. Microsoft and Security
--------------------------------
Ok, the above title might make some of us (Apple users) snicker. However, Microsoft has shown several signs of making security a priority for the users of their software.
The company has put out a plea to the world to drop Internet Explorer 6 (IE6) usage. They are now actively discouraging people from using IE6 and have released an official IE6 Countdown Site with graphics, showing the percentage of market share IE6 holds in countries around the world; Microsoft hopes to see usage drop to less than 1 percent worldwide (it currently stands at 12%). IE6 was introduced a decade ago. The next version of IE, version 9, is slated to be released this year.
Visit the site: <http://www.theie6countdown.com/>
Why the move?: <http://www.theie6countdown.com/educate-others.html>
In addition to the above, earlier this month Microsoft pushed an update that disables AutoRun on Windows XP and Vista systems. This Windows feature has been exploited by the computer viruses Confickr and Stuxnet to infect computers. The update was initially released in February; Microsoft said at the time that the patch would be optional, meaning that users would have had to select it manually in Windows Update. Now the patch is being pushed out through the Automatic Updates feature of Windows Update.
Read the story in the news:
<http://www.computerworld.com/s/article/9212938/Microsoft_pushes_anti_AutoRun_update_at_XP_Vista_users>
========================================================================================
To read all current and archived articles online, visit the Security-FYI Blog at <http://securityfyi.wordpress.com/>
Monique Yeaton
IT Security Awareness Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20110315/ce046f46/attachment.htm
More information about the ist-security-fyi
mailing list