Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - Corrine

Pages: [1] 2 3 ... 82
1
Security Alerts & Briefings / Mozilla Firefox Version 78.0 Released
« on: June 30, 2020, 08:53:01 PM »
Mozilla sent Firefox Version 78.0 to the release channel today. The update reportedly includes security updates but no information has been provided as of this post.

Also released was Firefox ESR Version 68.10.0.

Update: To get the update now, select "Help" from the Firefox menu, then pick "About Firefox." Mac users need to select "About Firefox" from the Firefox menu. If you do not use the English language version, Fully Localized Versions are available for download.

Security Updates
Release Notes

2
Web News / Improving Memory Usage in Microsoft Edge
« on: June 24, 2020, 09:19:48 PM »
From Improving Memory Usage in Microsoft Edge - Microsoft Edge Blog:

Quote
With the Windows 10 May 2020 Update, Microsoft Edge has leveraged the Windows segment heap memory improvements now available for Win32 applications to manage memory more efficiently. Early internal testing results of devices on the May 2020 Update are showing a memory usage reduction of up to 27% when browsing with Microsoft Edge. Individual device performance will vary based upon configuration and usage, but the lower memory usage is expected to create a better experience.

3
From Announcing Windows 10 Insider Preview Build 19042.330 (20H2)

Quote
Hello Windows Insiders, today we are announcing Windows 10 version 20H2 as the next feature update for Windows 10. The 20H2 feature update will be a scoped set of features and include the new Microsoft Edge based on Chromium. As part of today’s announcement, we’re also releasing 20H2 Build 19042.330 to the Beta Channel (Slow ring). This build includes the following fixes from KB4557957 as well as the new Microsoft Edge. After updating to today’s build, Microsoft Edge will be updated to the new Microsoft Edge based on Chromium.

4
Web News / ESET Defends Malwarebytes!
« on: June 15, 2020, 08:37:19 PM »
Quote
Last week, fourteen cybersecurity experts, infosec biz ESET, and tech advocacy groups the Internet Association and TechFreedom filed friend-of-the-court briefs urging the US Supreme Court to review a 2019 appeals court ruling against antivirus maker Malwarebytes.

The flurry of legal arguments represents an effort to ensure blanket immunity protections outlined in Section 230 of America's Communications Decency Act (CDA) – which Malwarebytes is relying on – remain as broad as possible.

In 2017, a district court judge in San Jose, California, dismissed a complaint brought by Enigma Software against its competitor Malwarebytes. Enigma filed its complaint because Malwarebytes' tools labelled Enigma's anti-spyware app a "potentially unwanted program," and asked users whether they wanted to remove it, if it was detected on a system.

Enigma claimed that its Spyhunter software was legitimate and posed no threat to users. However, Malwarebytes prevailed in court when the judge dismissed the case, citing 2009's Zango v. Kaspersky decision. The judge affirmed Malwarebytes was immune from liability under 47 U.S.C. § 230(c)(2)(B) of the CDA.

See complete article at ESET rushes to defend rival Malwarebytes in legal war sparked by vendor upset at 'unwanted program' labeling • The Register

5
From Introducing Windows Insider Channels | Windows Experience Blog:
Quote

Later this month, the Fast ring will become the Dev Channel, the Slow ring will become the Beta Channel, and the Release Preview ring will become the Release Preview Channel. Here is what that mapping looks like:



As a result of the change to "normal" names for the various Insider rings, I'll start new threads for each ring.

7
Security Alerts & Briefings / Microsoft June 2020 Security Updates
« on: June 09, 2020, 04:36:33 PM »
The Microsoft June security updates have been released and consist of 129 CVEs.  Of these 129 CVEs, 11 are rated Critical and 118 are rated Important in severity.

The updates apply to the following:  Microsoft Windows, Microsoft Edge (EdgeHTML-based), Microsoft Edge (Chromium-based) in IE Mode, Microsoft ChakraCore, Internet Explorer, Microsoft Office and Microsoft Office Services and Web Apps, Windows Defender, Microsoft Dynamics, Visual Studio, Azure DevOps, HoloLens, Adobe Flash Player, Microsoft Apps for Android, Windows App Store, System Center, and Android App.

Recommended Reading:  See Dustin Childs review and analysis in Zero Day Initiative — The June 2020 Security Update Review.

June Security Updates Guide

8
Adobe released Version 32.0.0.387 of Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address a critical vulnerability in Adobe Flash Player. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Release date:  June 9, 2020
Vulnerability identifier:  APSB20-30
Platform:  Windows, Macintosh, Linux and Chrome OS
Update:
Security Bulletin
Release Notes Flash Player 32 AIR 32

9
Pale Moon version 28.10.0 has been released.  The update is a development, bugfix and security update.  Linux versions will follow shortly.

The update includes DiD ("Defense-in-Depth") updates.  A DiD update is s a fix that does not apply to a (potentially) actively exploitable vulnerability in Pale Moon, but prevents future vulnerabilities caused by the same code, e.g. when surrounding code changes, exposing the problem, or when new attack vectors are discovered.
Update:  To get the update now, select "Help" from the Pale Moon menu at the upper left of the browser window.  Click About Pale Moon and  Check for Updates.

Release Notes

10
Mozilla sent Firefox Version 77.0 to the release channel today. The update included seven (7) security updates of which five (5) are high, one (1) moderate and one (1) is low in severity.

Also released was Firefox ESR Version 68.9.

Update: To get the update now, select "Help" from the Firefox menu, then pick "About Firefox." Mac users need to select "About Firefox" from the Firefox menu. If you do not use the English language version, Fully Localized Versions are available for download.

Security Updates
Release Notes

11
From Minimum hardware requirements | Microsoft Docs:
Quote
* Beginning with Windows 10, version 2004, all new Windows 10 systems will be required to use 64-bit builds and Microsoft will no longer release 32-bit builds for OEM distribution. This does not impact 32-bit customer systems that are manufactured with earlier versions of Windows 10; Microsoft remains committed to providing feature and security updates on these devices, including continued 32-bit media availability in non-OEM channels to support various upgrade installation scenarios. (bold added)

However, it appears that over the years purchase of 32-bit devices has been overtaken by 64-bit. via Bleeping computer:  RIP: Microsoft to drop support for Windows 10 on 32-bit systems"
Quote
Microsoft does not offer statistics on the number of devices continuing to use Windows 10 32-bit, but the Steam Hardware & Software Survey: April 2020 shows that it is in limited use.

According to Steam's hardware survey, only 0.20% use Windows 10 32-bit while 86.08% use Windows 10 64-bit.

Windows 10, version 2004 is rumored to be released the last week of May, likely the 26th - 28th.

12
Security Alerts & Briefings / Microsoft May 2020 Security Updates
« on: May 12, 2020, 04:34:29 PM »
The Microsoft May security updates have been released and consist of 111 CVEs.  Of these 111 CVEs, 16 are rated Critical and 95 are rated Important in severity.

The updates apply to the following:  Microsoft Windows, Microsoft Edge (EdgeHTML-based), Microsoft Edge (Chromium-based), ChakraCore, Internet Explorer, Microsoft Office and Microsoft Office Services and Web Apps, Windows Defender, Visual Studio, Microsoft Dynamics, .NET Framework, .NET Core, and Power BI.

Recommended Reading:  See Dustin Childs review and analysis in Zero Day Initiative — The May 2020 Security Update Review.

May Security Updates Guide

13
Adobe released Version 32.0.0.371 of Adobe Flash Player for Windows, macOS, Linux and Chrome OS. The update has assorted bug fixes.

Release date:  May 12, 2020
Vulnerability identifier:  None
Platform:  Windows, Macintosh, Linux and Chrome OS

Update:
Release Notes

14
Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Release date:  May 12, 2020
Vulnerability identifier: APSB20-24
Platform: Windows and MacOS

Update or Complete Download


Reader DC and Acrobat DC were updated to version 20.009.20063.

Update checks can be manually activated by choosing Help/Check for Updates.
Note: UNcheck any pre-checked additional options presented with the update. They are not part of the software update and are completely optional.

    References

15
Pale Moon version 28.9.3 has been released.  The update is a security update.

The update includes DiD ("Defense-in-Depth") updates.  A DiD update is s a fix that does not apply to a (potentially) actively exploitable vulnerability in Pale Moon, but prevents future vulnerabilities caused by the same code, e.g. when surrounding code changes, exposing the problem, or when new attack vectors are discovered.

Linux versions for this update will follow shortly.

Update:  To get the update now, select "Help" from the Pale Moon menu at the upper left of the browser window.  Click About Pale Moon and  Check for Updates.

Release Notes

Pages: [1] 2 3 ... 82