Security News and Updates for March 3 - 9, 2011
With the Pwn2Own competition just getting underway, several security updates were released over the past week for two of the World's more popular web browsers, along with the monthly Windows Updates, an iTunes patch, and one Java update. The following is a list of the significant updates released this past 6 days, starting with the most recent.
On March 9, 2011, Apple Releases Java Updates for Mac OS X 10.5 and OS X 10.6
Apple has released Java for Mac OS X 10.5 Update 9 and Java for Mac OS X 10.6 Update 4 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.
Apple computer users running these systems should review Apple articles HT4563 and HT4562 and apply any necessary updates to help counteract the risks. Do not think that your computer is invulnerable just because it is a Mac!
Also on March 9, 2011, Google released Google Chrome 10.0.648.127
Just eight days after the previous security update, Google has released Chrome 10.0.648.127 for all platforms to address 50 25 vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or bypass security restrictions.
You can review the Google Chrome Releases blog and apply any necessary updates to help mitigate the risks. Chrome can be updated by opening the browser, clicking on the Settings icon on the upper right and selecting About Chrome. This starts the online check for updates and downloads them.
On Patch Tuesday, March 8, 2011, Microsoft released its monthly Windows Updates.
Microsoft has released updates to address vulnerabilities in Microsoft Windows and Office as part of the Microsoft Security Bulletin Summary for March 2011. Two were rated as important and one as Critical.
One vulnerability patched this week is in Windows Media Player and is rated Critical, and affects almost all versions of Media Player on almost all supported versions of Windows. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code.
Make sure you check for and apply Windows Updates to all of your supported Windows PCs.
On March 4, 2011, Firefox was updated to version 3.6.15, fixing a stability problem caused by one of the security fixes in version 3.6.14, which was released 3 days earlier, on March 1, 2011.
On March 3, 2011, Apple Released iTunes 10.2
Apple has released iTunes 10.2 to address multiple vulnerabilities affecting the ImageIO, libxml, and WebKit packages. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition. You can review Apple article HT4554 for the details and links to download the patched version. Or, use your installed Apple Software Updater to download the latest version of iTunes.
That completes the list of vulnerabilities patched this past week, in Windows and Mac applications. You can keep tabs on all installed and exploitable software by running the Secunia Online Software Inspector every week. It reveals out-dated and insecure programs and offers download links to obtain the latest patched versions. It also tells you about any missing Windows Updates.
If you like this article please share it.
The content on this blog may be reprinted provided you do not modify the content and that you give credit to Wizcrafts and provide a link back to the blog home page, or individual blog articles you wish to reprint. Commercial use, or derivative work requires written permission from the author.