Bugs and Fixes: A Bonanza of Browser Bug Fixes
This month brings us significant browser security updates--or new versions--from Microsoft, Google, and Apple.
Internet Explorer 8, released in March, will appear as a high-priority update if you run Windows Update, but Microsoft says you'll be able to skip it even if you have Automatic Updates set to install applications without asking permission.
Some sites, including those within a company intranet, might not look right in IE 8, even when you use the compatibility mode. But you can always use Add or Remove Programs to uninstall the new version and roll back to IE 7, and IE 8 has several security enhancements.
Chrome users may have received a new version automatically without even realizing it. Google quietly distributed Chrome 2.0, which offers a full-screen mode and an improved new-tab page. The basic look and feel haven't changed. An auto-update released just prior to Chrome 2.0 fixed one critical security flaw that attackers could target with specially crafted images, and another that involves how the browser handles tabs.
If you use automatic updates, you likely have 2.0. To check, click the wrench icon in the upper-right and pick About Chrome.
Not to be left out, Apple issued a Safari update. Version 3 and version 4 beta (offered as the current download) require updates to close three holes in both the Mac and Windows versions. The flaws could allow "arbitrary code execution" if you visit a malicious Web page designed to target them. Run Apple Software Update to make sure you're current.
Microsoft QuickTime Problem
An as-yet-unpatched hole relates to how the Microsoft DirectShow framework for multimedia handles QuickTime content. You could trigger the flaw in Windows XP, 2000, and Server 2003 by opening a poisoned QuickTime file or by visiting a tainted Web site; the problem doesn't involve Apple software. Crooks can exploit the hole in quartz.dll and take control of a vulnerable PC regardless of whether you've installed QuickTime, Microsoft says. Vista, Server 2008, and Windows 7 are not affected.
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
browser
Powered by Twitter
jfruh
Apple syncing patent can't come soon enough
pasmith
New Twitter features borrow from 3rd party clients
Esther Schindler
Open Source Changes the Software Acquisition Process
mikelgan
How to set up continuous podcast play on the new iTunes
David Strom
Five important Windows 7 mobility features
sjvn
Guard your Wi-Fi for your own sake
Sandra Henry-Stocker
Grepping on Whole Words
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
