Hooray! Another free update for Team Fortress 2! But this one, er, asks you to spend money. Easy now, put down that irate message board post. You wouldn't want to do anything you'll end up regretting, after all. Plus, this isn't quite as bad as it looks. Don't believe us? Let's hear what Valve has to say.
“We never really think about the money TF2 makes when we’re thinking about what to do. In this case, the thing that we are trying to build is a framework for a more robust collaboration with the community on content creation. This has been one of TF2’s main drives for some time now. In other games, community creators build content after the release, and it forever remains inaccessible to most players,” Valve told our sister site PC Gamer, who – as per usual – leaped all over this story like a rabid fox that's mistaken your face for a delicious baby bunny.
“We view the Mann-conomy as the next, crucial step in the evolution of how communities interact with products. Now they’ll not only be able to contribute to the product, they will be directly compensated for their work.”
Oh, there's also this exceedingly important bit from Valve's Mann-conomy FAQ:
“Our plan is to continue updating TF2 just like we always have, adding free maps, game modes, new features, and more. The Mann Co. Store is simply an alternative way of obtaining items that other players can earn during gameplay.”
Phew. Plus, almost every item – aside from a few minor cosmetic ones – can be unlocked through traditional means such as random drops and crafting, in addition to new methods like trading and winning mid-match duels. Yes, duels. Now you can daintily slip off the white lace glove of war and slap someone in the face with it. If they accept your duel challenge, they'll be highlighted during the match, and the game will keep track of how many times you've killed one another.
Currently, Valve's marketplace features a smattering of its own items and 17 new community created items, which – according to Valve – equate to “about five new class updates.” In the words of some guy on the street we just talked to: “Yeah, I guess it's a pretty big deal. Who are you? You said there would be food.”
Microsoft today issued an out-of-band security update to tackle a bug in ASP.NET that is being exploited in the wild. Following a public report of the vulnerability, the Redmond outfit confirmed the bug in a Security Advisory (2416728) on September 17. MS, in its advisory, had expressed concerns that hackers could use the Windows Web server flaw to “view data, such as the View State, which was encrypted by the target server, or read data from files on the target server, such as web.config.”
"Based on our comprehensive monitoring of the threat landscape, we have determined an out-of-band release is needed to protect customers, as we have seen limited attacks and continued attempts to bypass current defenses and workarounds," the company told the IDG News Service.
The fix covers all supported Windows versions. The update is currently only available through the company's download center, and not through Windows Update, meaning that it can only be installed manually.
"This is the first time we've released [an] update this way, but due to the nature of the active attacks and the severity of the potential loss of data, we are releasing the security update to the Microsoft Download Center first so customers (specifically large enterprises, hosting providers and ISVs) can begin updating their systems.”
Motorola Droid X owners will be happy to know that Verizon has begun rolling out Android 2.2, otherwise known as Froyo, as an over-the-air (OTA) update. If you haven't already, you should be receiving it within the next few days.
Android 2.2 brings a number of enhancements to the Droid X, some of which include:
Native Adobe Flash Player 10.1
Enhanced browser performance
Automatic app updates
Improved Exchange support
Transition from Wi-Fi and 3G without losing data connection
For those of you feeling impatient, you can force an update immediately. To do so, tap Menu from the main menu, select Settings - About phone - System updates. Mash the download button and follow the on-screen instructions to install.
Sony's latest PS3 firmware update is sure to please those PS3 owners who have already bought into the 3D hype. Firmware v. 3.50, which the company began rolling out today, brings 3D Blu-ray support to the console, turning it into a 3D Blu-ray player. Of course, you will still need to ensure that the PS3 is connected to a 3D TV. As some of you might recall, Sony enabled stereoscopic 3D gaming on the PS3 through a similar firmware update in April, before proceeding towards offering 3D game titles through the PlayStation Network for the first time in June. So now “the only console on the market that can support full stereoscopic 3D gaming” is also a full-fledged 3D Blu-ray player.
If you run a 64-bit version of Linux, take note, your system may be vulnerable to attack. Red Hat recently announced an exploit that would allow a local, unprivileged user to escalate their privileges, and while there are published workarounds, they may not completely plug up the security hole.
"The published workarounds that we've seen, including the workaround recommended by Red Hat, can themselves be worked around by an attack to still exploit the system," Jeff Arnold, CEO of Ksplice, said in a blog post. "For now, to be responsible and avoid helping attackers, we don't want to provide those technical details publicly; we've contacted Red Hat and other vendors with the details and we'll cover them in a future blog post, in a few weeks."
In the mean time, Ksplice -- which isn't a free service, but does offer a free trial -- can be used to receive advance notice of upcoming patches.
"Although it might seem self-serving, I do know of one sure way to fix this vulnerability right away on running production systems, and it doesn’t even require you to reboot: you can (for free) download Ksplice Uptrack and fully update any of the distributions that we support (We support RHEL, CentOS, Debian, Ubuntu, Parallels Virtuozzo Containers, OpenVZ, and CloudLinux," Arnold explains. "For high profile updates like this one, Ksplice optionally makes available an update for your distribution before your distribution officially releases a new kernel). We provide a free 30-day trial of Ksplice Uptrack on our website, and you can use this free trial to protect your systems, even if you cannot arrange to reboot anytime soon. It’s the best that we can do to help in this situation, and I hope that it’s useful to you."
Keep in mind that if an attacker has already comprised one of your Linux rigs, updating the system won't do a lick of good by itself since the exploit installs a backdoor. You can use this test tool to find out for sure.
For those of you still getting your PDF fix with Adobe's Acrobat software, you might have been tempted to install an unofficial security patch from security and software firm RamzAfzar. The third-party fix replaces the vulnerable CoolType.dll, addressing a critical Reader bug Adobe disclosed earlier this month.
"We've decided to modify this strcat call and convert it to strncat. Why? Because strncat at least receives the buffer size and how much bytes you want to copy from src do dest," RamzAfzar explains about its patch.
According to Threatpost.com, Adobe confirmed in an email that the unofficial patch does seem to stop vulnerable versions of Reader from crashing, but warns there are always concerns with installing software from unknown sources. As Adobe explains, a DLL is the equivalent to an EXE and users should never install these from an untrusted publisher. In addition, users will have no guarantee that future Adobe updates will work after applying third-party patch jobs. And finally, Adobe warns that altering the DLL might break functionality and could disrupt critical workflows.
But is it really as dangerous as Adobe warns? Maybe, maybe not. The unofficial patch has the backing of at least one security researcher who earlier this week tweeted that it works as advertises, and nothing more.
AMD has made available its ATI Catalyst 10.9 software suite, which you can download directly from AMD or access via your Steam account.
There are only a handful of performance improvements in the latest release, including double digit gains in Stalker: Call of Pripyat benchmark for HD 5700 and HD 5800 graphics cards owners, and single digit performance gains in The Chronicles of Riddick: Assault on Dark Athena for HD 4800, HD 5700, and HD 5800 owners.
Some new profiles have been added and updated (Aliens Vs Predator, Battlefield: Bad Company 2, F1 2010, Kane & Lynch 2), as well as a handful of resolved issues for Windows 7, Vista, and XP.
Mozilla was quick to release a couple of new versions of Firefox -- version 3.6.10 and version 3.5.15 -- just one day after turning off update notfications to address a bug that was causing headaches for some people.
The bug, which seemingly popped out of nowhere, caused the browser to crash during launch. It wasn't something that was detected in pre-release versions.
"Interesting that this doesn't show up in the top 300 crashes in 3.6.9pre or 3.5.12pre," Christian Legnitto, Firefox release manager, said in a bug comment.
Later on, Legnitto said that even though this caused a spike in the number of Firefox crashes, it was still a "drop in the bucket vs. active daily users." Nevertheless, "because it is a crash on start-up that could prevent people from using Fireofx entirely, we feel it was best to get a fix out quickly."
You can grab the latest version here (3.6.10) or here (3.5.13), or hit the "Check for updates" option in Firefox's Help menu.
Sony this week announced a new firmware release for the PlayStation 3 that will expand the console's 3D capabilities.
"We've announced that the PS3 system will be able to play back 3D content on Blu-ray 3D discs with the system software update (v3.50), slated for release on September 21," Sony wrote in a blog post. "We know that many consumers have purchased 3D TVs already and more of you will be purchasing them as the holidays approach -- so we're excited to offer this firmware update that makes all 38 million PS3s worldwide compatible with Blu-ray 3D discs."
PS3 owners have been able to play stereoscopic 3D games with the 3.30 firmware update released in April, but 3D movies wasn't yet part of the package. That changes next week, however there's a small caveat. Unlike dedicated 3D Blu-ray players, some parts of the menu and other minor portions of some DVDs will remain in 2D, Sony said.
Sony also recently updated its list of supported 3D games for the PS3 during, including Final Fantasy XIV (due out in March), Everybody's Golf 5, Disaster Report 4: Summer Memories, and Metal Gear Solid: Rising.
Sony has been teasing PlayStation 3 console owners that a firmware update slated for September would inject support for Blu-ray movies in 3D, but now it appears users will have a wait just a little longer. Citing un-named sources, Fudzilla says Sony has decided to push the update back a month.
There's no word on why the update is being pushed back until October, only that it is. When it does come, however, it will open the door to a variety of 3D rendering-related content, including 3D YouTube videos and PlayTV broadcasts. It's expected that the 3D upgrade will also support the add-on HDTV/DVR device Sony offers for the PS3.