Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Topics - Corrine

Pages: [1] 2 3 ... 79
As described in Protecting users from potentially unwanted applications in Microsoft Edge - Microsoft Edge Blog, beginning with Microsoft Edge build 80.0.338.0, a new feature has been added to prevent downloads that may contain potentially unwanted apps (PUA) by blocking those apps from downloading. Although the feature is off by default, it can be enabled by doing the following:

1.  Open Settings.
2.  Select "Privacy and services".
3.  Scroll down to Services, and turn on "Block potentially unwanted apps".

In the event an app is mislabeled as PUA, it can be kept by tapping "…" at the bottom of the notice shown when an app is blocked and selecting "Keep" > "Keep anyway".

To report the app as safe, go to edge://downloads/, and select "Report this app as reputable", which will result in a redirect to the Edge feedback site.

Mozilla sent Firefox Version 73.0.1 to the release channel today with a number of fixes.  Firefox ESR Version remains at Version 68.5.

Release Notes

Pale Moon has been updated to version 28.8.3 as a bugfix and security update.

The update includes two DiD ("Defense-in-Depth") updates. A DiD update is s a fix that does not apply to a (potentially) actively exploitable vulnerability in Pale Moon, but prevents future vulnerabilities caused by the same code, e.g. when surrounding code changes, exposing the problem, or when new attack vectors are discovered.

Release Notes

uBlock Origin Updater has become obsolete · Issue #112 · JustOff/ublock0-updater · GitHub
I'm pleased to announce that starting from version, uBlock Origin for Firefox legacy-based browsers can auto-update itself without any additional tricks. This also means that uBlock Origin Updater is becoming obsolete, and I'm going to make it so that it uninstalls itself on the next update.

I checked Add-ons and, sure enough, uBlock Origin Updater is no longer installed.

Internet / Compare Your Browser With Microsoft Edge Dev
« on: February 13, 2020, 09:09:36 PM »
New optimizations boost performance in preview builds of Microsoft Edge - Microsoft Edge Blog
Starting with Microsoft Edge build 81.0.389.0 on 64-bit Windows 10, we’ve enabled new toolchain optimizations that should provide a substantial performance improvement in general browsing workloads.

We’ve measured an up to 13% performance improvement in the Speedometer 2.0 benchmark when compared to Microsoft Edge 79. Speedometer measures performance by simulating user interactions in a sample web app across a number of DOM APIs and popular JavaScript frameworks used by top sites, and is generally regarded as a good proxy for real-world performance across a number of different subsystems including the DOM, JavaScript engine, layout, and more.

It is important to note that the Microsoft test had no other tabs open and no apps -- by apps, I gather that includes ad-blockers, etc.  If you run a comparison, post your results as a reply.

Security Alerts & Briefings / Microsoft February 2020 Security Update
« on: February 11, 2020, 04:37:52 PM »
The Microsoft February security updates have been released and consist of 99 CVEs. Of these 12 CVEs, rated Critical and 83 are rated Important in severity. According to Microsoft, five of these bugs are publicly known and one is currently under active attack.

The updates apply to the following:  Microsoft Windows, Microsoft Edge (EdgeHTML-based), Microsoft Edge Chromium-based), ChakraCore, Internet Explorer, Microsoft Exchange Server, Microsoft SQL Server, Microsoft Office and Microsoft Office Services and Web Apps, Windows Malicious Software Removal Tool, and Windows Surface Hub.

Recommended Reading:  See Dustin Childs review and analysis in Zero Day Initiative — The February 2020 Security Update Review.

February Security Updates Guide

Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical, important and moderate vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Release date:  February 11, 2019
Vulnerability identifier: APSB20-05
Platform: Windows and MacOS

Update or Complete Download

Reader DC and Acrobat DC were updated to version 20.006.20034.

Update checks can be manually activated by choosing Help/Check for Updates.
Note: UNcheck any pre-checked additional options presented with the update. They are not part of the software update and are completely optional.


Adobe released Version of Adobe Flash Player for Windows, macOS, Linux and Chrome OS. The updates address a critical vulnerability in Adobe Flash Player. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Release date:  February 11, 2020
Vulnerability identifier:  APSB20-06
Platform:  Windows, Macintosh, Linux and Chrome OS

Security Bulletin
Release Notes Flash Player 32 AIR 32

Mozilla sent Firefox Version 73.0 to the release channel today.  The update included seven (7) security updates of which four (4) are high and three (3) rated moderate.

Also released was Firefox ESR Version 68.5.

Update:  To get the update now, select "Help" from the Firefox menu, then pick "About Firefox."  Mac users need to select "About Firefox" from the Firefox menu. If you do not use the English language version, Fully Localized Versions are available for download.

Security Updates
Release Notes

Pale Moon has been updated to version  This is a minor release in response to YouTube deprecating their old web UI. This change will enable the new YouTube UI by default.

From the Release Notes:

This is a minor release in response to YouTube deprecating their old web UI. This change will enable the new YouTube UI by default.

It is Palindrome Day today and it won't happen again for 909 years!  The last time was 109 years ago -- 11/11/1111.  It is also the 33rd day of the year with 333 more days.

Month, date, year: 02/02/2020
Date, month, year: 02/02/2020
Year, month, date: 2020/02/02

It is also Ground Hog Day and, according to the myth, since Punxsutawney Phil didn't see his shadow, we are supposed to have an early spring. 

As to Superbowl Sunday, no predictions from me on the outcome of the 49ers vs the Chiefs but feel free to claim your favorite to win.  :)

Web News / A Walk Down Memory Lane Provided by Pieter Arntz
« on: January 30, 2020, 06:00:13 PM »
Published at Bleeping Computer as a guest post, Malwarebytes security researcher Pieter Arntz provides what for me and others who were around the forums during that time, a walk down memory lane in The Adware Families That Changed the Antivirus Industry.

Pale Moon has been updated to version 28.8.2 as a small bugfix and compatibility update.

From the Release Notes:

  • Reverted the addition of JavaScript regular expression lookarounds since the implementation caused crashes. We'll have to revisit this later.
  • Fixed an issue where FTP servers would hang the browser if they were not sending answers according to the protocol specification.
  • Added a workaround for GitHub trying to enforce more Google-isms (which we don't support at this time) to browsers that identify as "Firefox-alike".
Update: To get the update now, select "Help" from the Pale Moon menu at the upper left of the browser window. Click About Pale Moon and Check for Updates.

Web News / Free Version of Avast Reportedly Marketing User Data
« on: January 27, 2020, 06:11:22 PM »
Although Avast implemented new security measures after Google and Mozilla removed temporarily removed the extensions, apparently that is not the end of the story.  Numerous tech articles have been posted today reporting that the anonymized web history data can still be picked apart and then linked back to individual Avast users.

Some of the articles published today:
Bottom line:  If you use the free version of Avast, you may want to consider a different antivirus.  (PC Mag has a collection of free A/V's here:  The Best Free Antivirus Protection for 2020 | PCMag).  For a licensed A/V, ESET remains a favorite.

Adobe released Version of Adobe Flash Player for Windows, macOS, Linux and Chrome OS to provide a minor update to refresh a content security certificate used in Adobe's DRM system.

Release date:  January 21, 2020
Vulnerability identifier: None
Platform:  Windows, Macintosh, Linux and Chrome OS

Release Notes

Pages: [1] 2 3 ... 79