Friday, December 10, 2010

More December Security Patches: QuickTime, Firefox, and a huge Patch Tuesday coming

The second week in December is starting with a bunch of patching.  So far this week, we have QuickTime, Firefox, and Thunderbird with security updates, and next Tuesday promises to be another record Patch Tuesday with patches for IE among other things.  (Updated Fri 10 Dec 2010  18:31 MST)

Apple QuickTime Patch Fixes 15 Flaws — Krebs on Security
Apple this week issued an update that plugs at least 15 security holes in its QuickTime media player.  The patch – which brings QuickTime to version 7.6.9 — quashes several critical bugs that could be exploited to install malicious software were a user to load a poisoned media file. Updates are available for both Mac and Windows versions of the program.

More links:

Mozilla Firefox 3.6.13, Thunderbird 3.1.7

The Mozilla Foundation has released Firefox 3.6.13 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, operate with elevated privileges, spoof the location bar, or operate with elevated privileges.

More links:
Update Fri 10 Dec 2010 18:31 MST:

MS Patch Tuesday heads-up: 17 bulletins, 40 vulnerabilities | ZDNet
The December batch of patches will cover security holes in Microsoft Windows, Office, Internet Explorer, SharePoint and Exchange, according to an advance notice posted Thursday.

Of the 17, Microsoft said two bulletins will be rated “critical,” the company’s highest severity rating.  Of the remainder, 14 will be rated “important.”
More links:

And for a final note, if you use CCleaner, you should update to version 3.01. It has lots of improvements. Get a portable version from the CCleaner - Builds page.

Piriform Blog - CCleaner v3.01
Change log:
  • Improved application startup time and INI loading speeds.
  • Removed need to reboot for Index.dat cleaning.
  • Improved cookie cleaning in Firefox 4.0 Beta 7.
  • Improved Chromium based browser detection and cleaning.
  • Added support for Adobe Reader 10 and Acronis True Image.
  • Improved cleaning for 7-Zip, Adobe Reader 9.0, Microsoft Silverlight Isolated Storage, WinPatrol and Microsoft Management Console.

No comments: