Microsoft tomorrow will issue 10 security bulletins to address 34 security vulnerabilities found in Windows, Office, and Internet Explorer, the Redmond outfit announced. Three of the bulletins have been rated as "Critical," which would allow an attacker to take full control of the affected machine, while the remaining seven are listed as "Important," the second-highest rating in Microsoft's four-point scale ("Moderate" and "Low" being the remaining two).
This is a large update that will give IT admins plenty to do this week. All three critical vulnerabilities affect all Windows OS versions, including XP, Vista, Windows 7, and Windows Server 2008, as well as several versions of Internet Explorer.
What exactly all these security fixes will address hasn't yet been disclosed, though six of them deal with Remote Code Execution, three with Elevation of Privilege, and one addresses a Tampering vulnerability. Two of the updates -- including one ranked as Critical -- will require a system restart, while the remaining eight may require rebooting, Microsoft said.
Don’t get us wrong: Steam’s a wonderful platform built on a rock-solid foundation of functionality and excellent deals. We wouldn’t trade that for the world. But we’re also incredibly vain people, and we have to admit that – for a while there – we had to imagine other game platforms when we were in bed with Steam. Playing games. On our laptops.
Now, though, everything’s shiny and new again. Valve’s completely overhauled Steam, upping the platform’s geek chic factor with a brand new coat of paint. On top of that, the new Steam brings with it a slew of new features, which Valve has handily outlined here. The long and short of it, however, is this: a revamped friends list, a customizable news feed, a more functional achievement system, and a games library that you don’t need a GPS to navigate.
So then, if you haven’t done it already, make with the downloading. Well, unless you’re a Mac user. Then, according to Valve, you’ll be playing the waiting game for a bit longer. “Soon” is the official word. Let’s be honest, though: you’ve already waited for years. What’s another month or two?
In a blog post on Wednesday, Eric Lempel, Director of Sony's PlayStation Network Operations, announced a "mandatory update" (version 3.30) which he says will be available shortly. Most of the added features have to do with sorting options within Trophies, including:
Trophy Enhancements: It's now easier to sort trophies in the Trophy Collection and Comparing Trophy sections.
Trophy Folder (Title List): this can be sorted by game name or title according to teh date in which they were earned
Add-on List (Group List): can be sorted by original/the date in which yu earned your last trophy (ascending/descending)
Trophy List: can be sorted by original/trophy name/grade/date of obtaining the trophy (ascending/descending)
The update also readies the PS3 console for some upcoming features, most notably 3D stereoscopic gaming "which is coming soon to the PS3."
This is the Sony's second firmware upgrade in less than a month, and it's interesting that this latest one is being described as mandatory. On April 1st, Sony released firmware version 3.21, which was primarily to kill off the "Install Other OS" feature. While this was an optional update, users who opted not to install it would lose key features, such as the ability to sign in to the PlayStation Network.
Starting this Tuesday, April 13, Sun's Solaris operating system will receive quarterly security patches, Oracle announced. This comes as good news for Solaris users, who will now know months in advanced when they will be getting security updates.
Solaris isn't the only bit of Sun software to be included in these updates. According to Oracle, the next update will include 16 security fixes for a number of Sun products, including Sun Cluster, Sun Convergence, and the Sun Ray server software.
Prior to Oracle's takeover of Sun, Solaris and other Sun products were typically updated on an as-needed basis rather than any type of set schedule. After Tuesday, the next set of updates will roll out on July 13.
In a blog post this week, Adobe announced it has been testing out a new updater technology with select beta customers since the company's October 13, 2009 quarterly update. The goal, Adobe says, is to streamline and automate updates with little to no user intervention.
Adobe is apparently happy with the tests so far is now "ready for the next phase of deployment." On Tuesday, April 13, 2010, Adobe said it will activate the new update for all users needing Adobe Reader and Acrobat 9.3.2 and 8.2.2 for Windows and Macintosh.
The new updater will give Windows users the option of selecting "Automatically install updates." If selected, the updater waits for the system to become idle "to avoid disturbing the user" and proceeds to download and install the security patches.
For those concerned about privacy, Adobe promises that it has "no plans to activate the automatic option by default without prior user consent."
Tech site GeekSmack.net claims to have obtained a beta release of Microsoft's upcoming Service Pack 1 for Windows 7 and has posted the first screenshots of the build.
While we don't recommend it, for those of you who want to go gallivanting around the web looking for the same beta, GeekSmack says the full build string is 6.1.7601.16537.amd64fre.win7.100327-0053.
"The install process is much of what you would expect from a service pack installer, but one thing I noticed is that the installation is MUCH faster than the install process for service packs on Vista was, which is a very welcome change," TechSmack noted.
There are a bunch of screenshots to gawk at, including a few from after the service pack was applied. Looks legit, and falls in line with Microsoft recently announcing that service packs for both Windows 7 and Windows Server 2008 R2 were forthcoming. According to Microsoft, SP1 for Windows 7 would mostly contain "minor updates."
Mozilla on Thursday issued an update to Firefox bringing the current version to 3.6.3. The update fixes a "critical" security flaw that was exploited during the recent Pwn2Own contest.
"A memory corruption flaw leading to code execution was reported by security researcher Nils of MWR InfoSecurity during the 2010 Pwn2Own contest sponsored by TippingPoint's Zero Day Initiative," Mozilla said. "By moving DOM nodes between documents Nils found a case where the moved node incorrectly retained its old scope. If garbage collection could be triggered at the right time then Firefox would later use this freed object."
According to Mozilla, the contest winning exploit only affects Firefox 3.6 and not any previous versions of the popular open-source browser. However, the browser-maker said it will play it safe and soon issue a patch for Firefox 3.5 just in case there's another way of triggering the bug.
Still rocking an older version of Firefox? If so, you should seriously consider upgrading, because after today, Mozilla won't be releasing any more updates. In the meantime, you can buy a little extra time by downloading Firefox 3.0.19 or 3.5.9.
"As part of Mozilla's ongoing security and stability update process, Firefox 3.5.9 and Firefox 3.0.19 are now available for Windows, Mac, and Linux for free download," Mozilla said. "As always, we recommend that users keep up to date with the latest stability and support versions of Firefox, and encourage all our users to upgrade to the very latest version, Firefox 3.6.2.
"Please note: This is the last planned security and stability release for Firefox 3.0."
Most of the fixes are pretty boring from a non-programming standpoint (compilation error in gfxFonTest.cpp on AIX 5.1, for example), but there a few standouts, such as addressing "very slow decoding of png."
At long last, the wait is finally over for Motorola Droid owners. Starting today, Verizon said it has begun rolling out the Android 2.1 update. Earlier this month, Droid owners were left in the dark as to when the update would ship, with Verizon only saying "TBD."
Android 2.1 introduces a bevy of enhancements, some of which include:
Support for Yahoo Mail
Pinch to Zoom support in the Browser, Maps, and Gallery
Speech-to-Text in text entry boxes
Google Googles comes preloaded
New Gallery with 3D layout
Verizon has broken the rollout into different segments, sending it to 1,000 Droid owners at noon and then 9,000 at 11:59PM. After that, there will be a 24-hour period when no additional upgrades will be delivered. On April 1, 200,000 users will receive the update, Verizon said, and the schedule will continue each day thereafter until all Droid users have received it.