Sony's latest PS3 firmware update is sure to please those PS3 owners who have already bought into the 3D hype. Firmware v. 3.50, which the company began rolling out today, brings 3D Blu-ray support to the console, turning it into a 3D Blu-ray player. Of course, you will still need to ensure that the PS3 is connected to a 3D TV. As some of you might recall, Sony enabled stereoscopic 3D gaming on the PS3 through a similar firmware update in April, before proceeding towards offering 3D game titles through the PlayStation Network for the first time in June. So now “the only console on the market that can support full stereoscopic 3D gaming” is also a full-fledged 3D Blu-ray player.
If you run a 64-bit version of Linux, take note, your system may be vulnerable to attack. Red Hat recently announced an exploit that would allow a local, unprivileged user to escalate their privileges, and while there are published workarounds, they may not completely plug up the security hole.
"The published workarounds that we've seen, including the workaround recommended by Red Hat, can themselves be worked around by an attack to still exploit the system," Jeff Arnold, CEO of Ksplice, said in a blog post. "For now, to be responsible and avoid helping attackers, we don't want to provide those technical details publicly; we've contacted Red Hat and other vendors with the details and we'll cover them in a future blog post, in a few weeks."
In the mean time, Ksplice -- which isn't a free service, but does offer a free trial -- can be used to receive advance notice of upcoming patches.
"Although it might seem self-serving, I do know of one sure way to fix this vulnerability right away on running production systems, and it doesn’t even require you to reboot: you can (for free) download Ksplice Uptrack and fully update any of the distributions that we support (We support RHEL, CentOS, Debian, Ubuntu, Parallels Virtuozzo Containers, OpenVZ, and CloudLinux," Arnold explains. "For high profile updates like this one, Ksplice optionally makes available an update for your distribution before your distribution officially releases a new kernel). We provide a free 30-day trial of Ksplice Uptrack on our website, and you can use this free trial to protect your systems, even if you cannot arrange to reboot anytime soon. It’s the best that we can do to help in this situation, and I hope that it’s useful to you."
Keep in mind that if an attacker has already comprised one of your Linux rigs, updating the system won't do a lick of good by itself since the exploit installs a backdoor. You can use this test tool to find out for sure.
For those of you still getting your PDF fix with Adobe's Acrobat software, you might have been tempted to install an unofficial security patch from security and software firm RamzAfzar. The third-party fix replaces the vulnerable CoolType.dll, addressing a critical Reader bug Adobe disclosed earlier this month.
"We've decided to modify this strcat call and convert it to strncat. Why? Because strncat at least receives the buffer size and how much bytes you want to copy from src do dest," RamzAfzar explains about its patch.
According to Threatpost.com, Adobe confirmed in an email that the unofficial patch does seem to stop vulnerable versions of Reader from crashing, but warns there are always concerns with installing software from unknown sources. As Adobe explains, a DLL is the equivalent to an EXE and users should never install these from an untrusted publisher. In addition, users will have no guarantee that future Adobe updates will work after applying third-party patch jobs. And finally, Adobe warns that altering the DLL might break functionality and could disrupt critical workflows.
But is it really as dangerous as Adobe warns? Maybe, maybe not. The unofficial patch has the backing of at least one security researcher who earlier this week tweeted that it works as advertises, and nothing more.
AMD has made available its ATI Catalyst 10.9 software suite, which you can download directly from AMD or access via your Steam account.
There are only a handful of performance improvements in the latest release, including double digit gains in Stalker: Call of Pripyat benchmark for HD 5700 and HD 5800 graphics cards owners, and single digit performance gains in The Chronicles of Riddick: Assault on Dark Athena for HD 4800, HD 5700, and HD 5800 owners.
Some new profiles have been added and updated (Aliens Vs Predator, Battlefield: Bad Company 2, F1 2010, Kane & Lynch 2), as well as a handful of resolved issues for Windows 7, Vista, and XP.
Mozilla was quick to release a couple of new versions of Firefox -- version 3.6.10 and version 3.5.15 -- just one day after turning off update notfications to address a bug that was causing headaches for some people.
The bug, which seemingly popped out of nowhere, caused the browser to crash during launch. It wasn't something that was detected in pre-release versions.
"Interesting that this doesn't show up in the top 300 crashes in 3.6.9pre or 3.5.12pre," Christian Legnitto, Firefox release manager, said in a bug comment.
Later on, Legnitto said that even though this caused a spike in the number of Firefox crashes, it was still a "drop in the bucket vs. active daily users." Nevertheless, "because it is a crash on start-up that could prevent people from using Fireofx entirely, we feel it was best to get a fix out quickly."
You can grab the latest version here (3.6.10) or here (3.5.13), or hit the "Check for updates" option in Firefox's Help menu.
Sony this week announced a new firmware release for the PlayStation 3 that will expand the console's 3D capabilities.
"We've announced that the PS3 system will be able to play back 3D content on Blu-ray 3D discs with the system software update (v3.50), slated for release on September 21," Sony wrote in a blog post. "We know that many consumers have purchased 3D TVs already and more of you will be purchasing them as the holidays approach -- so we're excited to offer this firmware update that makes all 38 million PS3s worldwide compatible with Blu-ray 3D discs."
PS3 owners have been able to play stereoscopic 3D games with the 3.30 firmware update released in April, but 3D movies wasn't yet part of the package. That changes next week, however there's a small caveat. Unlike dedicated 3D Blu-ray players, some parts of the menu and other minor portions of some DVDs will remain in 2D, Sony said.
Sony also recently updated its list of supported 3D games for the PS3 during, including Final Fantasy XIV (due out in March), Everybody's Golf 5, Disaster Report 4: Summer Memories, and Metal Gear Solid: Rising.
Sony has been teasing PlayStation 3 console owners that a firmware update slated for September would inject support for Blu-ray movies in 3D, but now it appears users will have a wait just a little longer. Citing un-named sources, Fudzilla says Sony has decided to push the update back a month.
There's no word on why the update is being pushed back until October, only that it is. When it does come, however, it will open the door to a variety of 3D rendering-related content, including 3D YouTube videos and PlayTV broadcasts. It's expected that the 3D upgrade will also support the add-on HDTV/DVR device Sony offers for the PS3.
The said bug, which can be exploited using a special TrueType font, can be used to execute arbitrary code. According to Miller, Adobe first learnt of the vulnerability from Google security engineer Tavis Ormandy. "Apparently @taviso previously reported to Adobe the Reader 0-day I dropped at BH. Haha, ruined his effort at trying to be responsible," Miller quipped in a Tweet Tuesday.
Tavis Ormandy was recently in the crosshairs after he went public with a critical vulnerability in Windows' HCP protocol only a few days after notifying Microsoft about it.
Adobe is often maligned for the number of vulnerabilities in its software. Of course, one could argue that the prevalence of Adobe software has made it one of the most targeted 3rd party software vendor and there is little it can do to change that, but the fact is that the San Jose-based company has been leisurely in addressing security concerns.
With few exceptions, our advice has always been to purchase the fastest hardware you can afford right now rather than wait for something faster to come along when you're in need of an upgrade. Why? As any PC hobbyist will tell you, there's always something bigger, faster, and just plain better on the horizon, and once you get stuck playing the 'waiting game,' it's hard to ever pull the trigger.
We bring this up because EVGA has done something unique with its GeForce GTX 460 line. The graphics card maker recently released a new BIOS, which in and of itself isn't anything new, but this updated BIOS pushes the core/shader clockspeeds to 720MHz/1440MHz, up from 675MHz/1350MHz.
That's a generous 7 percent "Free Performance Boost," as EVGA calls its BIOS update, which only further sweetens the pot (EVGA cards are backed by a lifetime warranty, provided you register your card online within 30 days of purchase). Pessimists will point out that the clockspeed increases aren't going to make a huge difference in gaming performance, but hey, videocards boasting a 7 percent boost over reference clocks typically carry a pricing premium, and here EVGA is giving away performance bumps to existing owners. That's just rad.
You can snag the update here, being extra careful to follow EVGA's directions to a T.
We've touched on the impending demise of XP Service Pack 2 (SP2) on a couple of occasions in the past week or so, and if you were still caught off guard today by Microsoft ending support, then extend your leg and swing it back as far and as fast as possible, with the goal being to kick yourself in your own ass for failing to pay attention.
Whether you were ready for it or not, what happens now? For starters, Microsoft will stop sending out updates and security patches for the now-defunct version of Windows, leaving XP SP2 users vulnerable in a number of areas, including IE, WMP, and Outlook Express.
You do have some options, however, the most obvious one being to upgrade to SP3. If for whatever reason that's not an option and you're simply stuck on XP SP2, you can make the best of a bad situation by first and foremost getting rid of IE. It doesn't matter what version of Microsoft's popular browser you're running, you won't be receiving updates. Instead, consider (strongly) switching to any of the alternatives, such as Firefox, Chrome, Safari, or Opera, all of which will continue kicking out updates.
Other steps you can take: update other programs, install AV software (if you haven't already), keep your firewall running, and cross your fingers.