Imagine being told that you're in danger for the next couple of days and that there's nothing you can do about it but sit tight and wait it out. Talk about suckage. Well, that's essentially what the OpenSSL Project just did, though there's a reason behind it. The OpenSSL Project announced plans to plug up several security holes, including one that's classified as "high severity," in a series of updates scheduled for March 19.
The encryption flaw was previously thought to only affect Google and Apple products
A few days back, Apple and Google products were found to be affected by a longstanding vulnerability, which stems from a now-defunct U.S. government regulation enjoining tech companies to use encryption no stronger than 512 bits in “export-grade” software — so that it could maintain a cryptographic edge over its adversaries. Well, how could Microsoft be left behind? The Redmond-based company issued a security advisory Thursday to warn that all supported versions of Microsoft Windows are also affected by FREAK (Factoring attack on RSA-EXPORT Keys), as the SSL/TLS flaw is called.
Fixes for vulnerabilities in 48 different products
Oracle today rolled out a Critical Patch Update for the month of January 2015, which contains fixes for 167 vulnerabilities found in hundreds of the company's products. The most severe of these received a score of 10.0 on the Common Vulnerability Scoring System (CVSS), the highest score available -- they pertain to Fujitsu M10-1 of Oracle Sun Systems Products Suite, Java SE of Oracle Java SE, M10-4 of Oracle Sun Systems Products Suite, and M10-4S Servers of Oracle Sun Systems Products Suite.
Around one out of 10 Windows 10 users ran into trouble when trying to install a update intended to fix a problem that was causing Explorer.exe to frequently crash following an upgrade to Windows 10 Build 9879. The problem was further exacerbated by the fact that Microsoft said it didn't have a new build planned until early 2015. If you're one of the people who ran into trouble, here's a heads up that Microsoft has released a hotfix to address the issue.
This is one of those cases where it's not okay to shoot the messenger (is it ever?), but in case you were wondering, a patch for Call of Duty: Advanced Warfare is coming soon. Developer Sledgehammer Games says so, as does Captain Obvious, who points out that post-release patches for major titles are as common as post-releases patches for major titles (he's a smart one, that Captain Obvious).
When a Microsoft exec revealed that company currently has no plans of porting Internet Explorer over to Android and iOS during a Reddit Ask Me Anything (AMA) session, we were left scratching our heads as to why that might be. Here’s a possible explanation: It could be that the Internet Explorer team is too busy fixing IE for Windows to build entirely new versions of the browser.
Watch Dog's appetite for video RAM seems to be the root cause of performance problems on the PC
After all the anticipation and patient waiting, Ubisoft's Watch Dogs title arrived on PC and several different game consoles earlier this week. Unfortunately, performance on the PC isn't up to par. Users have complained of lag, stuttering, and weird graphical anomalies when playing Watch Dogs, all of which appear to be due to the game's heavy reliance on VRAM. That's the bad news. The good news is that a performance patch for Watch Dogs on PC is coming.
A Mantle patch is coming, but bug stomping takes top priority
AMD anticipated Battlefield 4 (BF4) being the first PC title to support its new Mantle API via a patch that was supposed to be made available before the end of the month. As it stands, BF4 will still be the first Mantle-optimized title, but the promised patch won't debut until sometime next month. Word from those in the trenches is that fixing various bugs in BF4 is taking a bit longer than expected.
A newly discovered security hole in Office could allow remote code execution
Microsoft has discovered a vulnerability in the graphics component of its Windows, Office, and Lync software that could allow hackers to execute malicious code from a remote location. The software giant said it is aware of targeted attacks that attempt to exploit the vulnerability in Office and has suggested a series of workarounds until it can issue a permanent patch. In the meantime, Microsoft has made available a piece of "Fix it" software to automatically apply the workaround procedures in affected products.
Update applies to Windows 8.1, Windows RT 8.1, and Windows Server 2012
One of the most anticipated feature updates introduced with Windows 8.1 was the upgrade to Internet Explorer 11. The new browser was built with touch computing in mind and included several nifty upgrades, such as the ability to have 100 tabs open per window, side-by-side browsing, support for plugin-free HTML5 video, a Reading View, and more. Unfortunately, it also introduced some quirks, which Microsoft hopes to fix with a new patch.