Tech site GeekSmack.net claims to have obtained a beta release of Microsoft's upcoming Service Pack 1 for Windows 7 and has posted the first screenshots of the build.
While we don't recommend it, for those of you who want to go gallivanting around the web looking for the same beta, GeekSmack says the full build string is 6.1.7601.16537.amd64fre.win7.100327-0053.
"The install process is much of what you would expect from a service pack installer, but one thing I noticed is that the installation is MUCH faster than the install process for service packs on Vista was, which is a very welcome change," TechSmack noted.
There are a bunch of screenshots to gawk at, including a few from after the service pack was applied. Looks legit, and falls in line with Microsoft recently announcing that service packs for both Windows 7 and Windows Server 2008 R2 were forthcoming. According to Microsoft, SP1 for Windows 7 would mostly contain "minor updates."
Mozilla on Thursday issued an update to Firefox bringing the current version to 3.6.3. The update fixes a "critical" security flaw that was exploited during the recent Pwn2Own contest.
"A memory corruption flaw leading to code execution was reported by security researcher Nils of MWR InfoSecurity during the 2010 Pwn2Own contest sponsored by TippingPoint's Zero Day Initiative," Mozilla said. "By moving DOM nodes between documents Nils found a case where the moved node incorrectly retained its old scope. If garbage collection could be triggered at the right time then Firefox would later use this freed object."
According to Mozilla, the contest winning exploit only affects Firefox 3.6 and not any previous versions of the popular open-source browser. However, the browser-maker said it will play it safe and soon issue a patch for Firefox 3.5 just in case there's another way of triggering the bug.
Still rocking an older version of Firefox? If so, you should seriously consider upgrading, because after today, Mozilla won't be releasing any more updates. In the meantime, you can buy a little extra time by downloading Firefox 3.0.19 or 3.5.9.
"As part of Mozilla's ongoing security and stability update process, Firefox 3.5.9 and Firefox 3.0.19 are now available for Windows, Mac, and Linux for free download," Mozilla said. "As always, we recommend that users keep up to date with the latest stability and support versions of Firefox, and encourage all our users to upgrade to the very latest version, Firefox 3.6.2.
"Please note: This is the last planned security and stability release for Firefox 3.0."
Most of the fixes are pretty boring from a non-programming standpoint (compilation error in gfxFonTest.cpp on AIX 5.1, for example), but there a few standouts, such as addressing "very slow decoding of png."
At long last, the wait is finally over for Motorola Droid owners. Starting today, Verizon said it has begun rolling out the Android 2.1 update. Earlier this month, Droid owners were left in the dark as to when the update would ship, with Verizon only saying "TBD."
Android 2.1 introduces a bevy of enhancements, some of which include:
Support for Yahoo Mail
Pinch to Zoom support in the Browser, Maps, and Gallery
Speech-to-Text in text entry boxes
Google Googles comes preloaded
New Gallery with 3D layout
Verizon has broken the rollout into different segments, sending it to 1,000 Droid owners at noon and then 9,000 at 11:59PM. After that, there will be a 24-hour period when no additional upgrades will be delivered. On April 1, 200,000 users will receive the update, Verizon said, and the schedule will continue each day thereafter until all Droid users have received it.
For those of you rocking a Mac, Apple on Monday released a software update for Mac OS X Snow Leopard bringing the current version to 10.6.3.
The latest update plugs a whole bunch of security holes, addressing everything from improved validation of MPEG encoded movie files to preventing remote attackers from extracting information from Open Directory, as well as a little love for more secure Wi-Fi. There are 69 security related updates in all, of which you can view here.
Version 10.6.3 also includes several stability and compatibility enhancements, some of which include:
address compatibility issues with OpenGL-based applications
address a color issue in iMovie with HD content
improve the reliability of 3rd party USB input devices
improve printing reliability
Apple also took a step towards better error reporting. In addition to the Crash Reporter state data, updated Macs will also include recent system loga information as well as details about the apps and hardware devices installed.
Simple. Easy. Efficient. Page Monitor is one of the most stress-free extensions you could possibly slap onto Google Chrome. However, don't let its simplicity fool you--the feature it builds into the browser sits somewhere between a Twitter and an RSS feed, yet it's one that is still entirely useful for anyone who checks a batch of favorite Web pages on a daily basis. That would be all of you.
We suppose one way to protect users from a malware infestation is to prevent Windows from loading in the first place, and that's exactly what BitDefender did, though not on purpose. Borked WIndows installations were the inadvertent result of an overzealous definitions update that mistakenly detected several windows and BitDefender files as infected with Trojan.FakeAlert.5.
"We apologize for the issues that you are experiencing because of an update released today for Windows 64-bit systems," BitDefender told its customers. "The faulty update has been removed and we are quickly working on a fix for the issue experienced by the users that downloaded the update."
BitDefender has since issued a software patch along with instructions on how to apply it if your system refuses to boot. The company also warns that "there have been several 'self help' articles on the Internet that do not fully solve the problem" and is instructing users to only follow BD's official instructions.
We talked to BitDefender about this issue and were told that "due to the fast reaction with a reversed update after the faulty one, there has only been a few hundred machiens that were critically affected; however at this moment many of them have had one-to-one support.
They will have to pick either one of the three options available to them: Ask Later, No Thanks, or Get the New Version. Mozilla also tried to address a widespread apprehension that already installed Firefox add-ons and Firefox 3.6 may prove to be incongruous. “It’s fast, stable, compatible with over 90% of the thousands of Firefox Add-ons, and contains new features such as lightweight themes and plugin version checking,” Shapiro wrote in a clear bid to allay such fears.
This upcoming Patch Tuesday won't be anything like the one last month, in which Microsoft plugged 26 security holes with 13 bulletins, some of which included critical vulnerabilities for Windows.
Those numbers are way down, according to Microsoft, who announced on Thursday it will issue two bulletins to fix just eight vulnerabilities, all of which are being rated as "important."
"We recommend that customers review the Advance Notification webpage and prepare to deploy these bulletins as soon as possible," Microsoft wrote in an official blog post. "To provide additional guidance for deployment prioritization, customers should note that both bulletins will address issues that would require a user to open a specially crafted file. There are no network based attack vectors."
In addition, Redmond said it is continuing to monitor a VBScript issue disclosed on Monday. The software maker said there are currently no known attacks, but is "encouraging" customers to apply the suggested workarounds in the advisory nonetheless.
Do you download updates and plug up your Windows install every 5 days? According to security service vendor Secunia, such is the burden the average Windows user faces.
"It's completely unreasonable to expect users to master so many different patch mechanisms and spend so much time patching," said Thomas Kristensen, the chief security officer of Secunia
Secunia came by its numbers by analyzing the results of its Personal Software Inspector (PSI), a free tool that scans PCs and compiles a list of potentially vulnerable software. According to Secunia, half of those who ran the program in January had 66 or more programs from 22 or more different vendors on their machines, which was also concerning to the company.
"That's why we called for software vendors to create a unified patching standard last year," said Kristensen. "A few vendors said 'We want to hear more,' but a lot just ignored us or turned down the idea outright."