This upcoming Patch Tuesday won't be anything like the one last month, in which Microsoft plugged 26 security holes with 13 bulletins, some of which included critical vulnerabilities for Windows.
Those numbers are way down, according to Microsoft, who announced on Thursday it will issue two bulletins to fix just eight vulnerabilities, all of which are being rated as "important."
"We recommend that customers review the Advance Notification webpage and prepare to deploy these bulletins as soon as possible," Microsoft wrote in an official blog post. "To provide additional guidance for deployment prioritization, customers should note that both bulletins will address issues that would require a user to open a specially crafted file. There are no network based attack vectors."
In addition, Redmond said it is continuing to monitor a VBScript issue disclosed on Monday. The software maker said there are currently no known attacks, but is "encouraging" customers to apply the suggested workarounds in the advisory nonetheless.
Do you download updates and plug up your Windows install every 5 days? According to security service vendor Secunia, such is the burden the average Windows user faces.
"It's completely unreasonable to expect users to master so many different patch mechanisms and spend so much time patching," said Thomas Kristensen, the chief security officer of Secunia
Secunia came by its numbers by analyzing the results of its Personal Software Inspector (PSI), a free tool that scans PCs and compiles a list of potentially vulnerable software. According to Secunia, half of those who ran the program in January had 66 or more programs from 22 or more different vendors on their machines, which was also concerning to the company.
"That's why we called for software vendors to create a unified patching standard last year," said Kristensen. "A few vendors said 'We want to hear more,' but a lot just ignored us or turned down the idea outright."
Quick. A project just came on your radar, but you've got a lot on your plate already. You don't want to forget about a key fact or detail of what you have to do, but it's almost closing time. Or maybe you're just lazy and don't have any of those yellow sticky notes nearby to write down the details. Or maybe you just don't feel like logging on to your Google Calendar to create yet another reminder of whatever it is you have to accomplish.
Lots of possible scenarios, one awesome solution. This week's featured Web app is the ultimate reminder tool for any little fact or meeting time that you need to keep on your radar. It's extremely simple to use--in fact, it would probably take you less time to schedule yourself a little task update using this tool than it would any other software application there is, period. It's even faster to access than Notepad.
The name of the app is (appropriately enough) Remindr. Don't schedule the reading of this post for later. Click the jump right now and I'll give you a quick look at what this awesome Web app actually does!
Microsoft will soon make it more difficult for pirates to pillage Windows 7 when it closes a whole bunch of activation workarounds via an upcoming update. According to Microsoft, the Windows Activation Technologies Update for Windows 7 will close more than 70 "activation hacks.
Perhaps less appealing to the mainstream consumer, the update will also dial into a Microsoft server every once in awhile to help detect and root out any further hacks. Of course, this comes with the standard claim that no personally identifiable information about the user will ever be sent, but nevertheless, we can't see privacy advocates being too thrilled with this one.
Joe Williams, general manager of Microsoft's Genuine Windows unit, justifies the measures by calling attention to all the malware that's associated with non-genuine versions of Windows.
"We do see malicious code -- everything from easily discoverable malware to keyboard recording," Williams said. "There's all sorts of things we've seen that puts our customers at risk and their data at risk."
For those who want to get a jump start on the update, it will be made available as a manual download starting February 16th from Microsoft's genuine website, and the Microsoft Download center a day alter. Later on this month, it will be classified as an "important" yet optional update through Windows Update.
Good news for Nexus One owners. Google yesterday began rolling out an over-the-air software update aimed at fixing a few problems users might have been having, as well as adding a handful of new features, including pinch-to-zoom functionality in the phone's Browser, Gallery, and Maps applications.
Google Maps also received a bit of attention in the latest update (to version 3.4). Starred items are now synchronized with maps.google.com, giving users the ability to access their favorite places from their phone or PC. It also now includes search suggestions from the user's personal maps.google.com history, and Night mode in Google Maps Navigation now automatically changes the screen at night.
Other new features include the addition of Google Goggles directly on the device by launching it from the All Apps menu, and a "general fix to help improve 3G connectivity on some Nexus One phones."
If you haven't received the update just yet, don't fret. Google says it's rolling out firmware gradually and that most users might not receive the update notification until the end of the week.
If you're a Nexus One owner struggling with 3G connectivity problems, hang tight, because a fix is on the way, Google said on Monday.
"Our engineers have uncovered specific cases for which a software fix should improve connectivity to 3G for some users," a Google employee named Ivar said in a Google Nexus One support forum. "We are testing this fix now, initial results are positive, and if everything progresses as planned, we will provide an over-the-air software update to your phone in the next week or so."
Ivar was quick to caution, however, that the fix won't address all 3G problems users have reported having, especially those that are the result of "being on the edge or outside of 3G coverage, which a product fix cannot address."
Besides the added pace, it comes packed with a bunch of new features and subtle improvements, out of which the new Personas feature and automatic plugin updates are the notable ones. Using Personas, it is now possible to personalize the browser's appearance with a single click and without a restart. Mozilla's online repository of Personas for Firefox boasts over 35,000 designs.
The latest Firefox version is sensitive to outdated browser plugins. Its ability to automatically detect outdated plugins may not be revolutionary but is a welcome addition from a security standpoint. Also, there are a few under-the-hood improvements aimed at developers.
A few habits separate the average Web surfer from the hyper-obsessive or "geek" Web surfer. Average Web surfers browse from site to site in a spidery fashion, allowing the contents of one to link them to the landing page of another. These pages, in turn, become new gateways for successive clicks in a giant, unfolding map of activity. Average Web surfers might have a few sites they like to hit up from time to time, but their general browsing habits are more random voyage than predestined path.
Geeks are not that. A geeky Web surfer has a set list of sites that are nothing short of awesome. These sites are scoured as much as your average preteen checks Facebook on a daily basis, if not more. Every last drop of useful information is extracted from each browsing session, and every one of these sites contains a melting pot of useful hyperlinks for adding extra innings to the surfing experience. Geeks will settle for nothing less than a constant influx of news and information.
The Firefox add-on Update Scanner bridges these two extremes by delivering a useful tool for browsing sessions of all shapes and sizes. Click the jump to see what it does!
If you haven't noticed by now, Mozilla has begun pushing out the latest update to its open-source Firefox browser, version 3.5.7. There aren't a ton of changes in the incremental update, but one of the fixes could help boost Firefox 3.5 numbers. Apparently there was a problem in which Firefox users weren't being properly notified when a major upgrade is available.
"What's happening is that users who do not leave their browser open for 12 hours...will never see the major update dialog, only a little notification slider," said Mike Beltzner, Mozilla's director of Firefox, in a December comment. "We need to fix this immediately on all branches. Added bonus: we're about to goose our Firefox 3.5 numbers!"
In addition to the update bug, the latest release fixes a "common stability issue" that was causing Firefox to crash.
Torchlight’s a fantastic game – no doubt – but let’s be honest here; the devilishly addictive Diablo clone only contains about three different types of objectives. Fortunately, Runic’s released an update that adds 60 Steam Achievements, which sounds like just the thing to spice up that fifth playthrough you’ve been mulling over.
In addition, for those who want to send their saves to the eternal save haven that is the Steam Cloud, Torchlight now supports that too. And, to sweeten this deal that we erroneously declared “spicy” only two sentences ago, Torchlight’s 50% off until Monday.
That puts one of the best PC-exclusives of the year at $10. If this doesn’t excite you, check your pulse, because you’re probably dead. Or you already own Torchlight, which would explain why it’s suddenly so intelligent in here.