Mozilla Messaging released a security update to all versions of Thunderbird 10 on February 16, 2012. The Thunderbird 10.0.2 security release addresses a bug in the lipng reference library which could cause an integer overflow or truncation. This in turn could be exploited and could result in execution of arbitrary code on a victim’s system when viewing a specially crafted PNG image in an affected mail client. More info here. Users can update via Help > About Thunderbird or manually update and install from getthunderbird.com
February 17, 2012
Adobe released an update to Flash on February 15th to address an exploit that affected Internet Exploiter users. Even if you don’t use IE, you should still update your Flash plugins. Also this would a good time to check on the ‘health’ of your other Firefox plugins. You can do this from within Firefox by going to Tools > Add-ons and then clicking the link Check to see if your plugins are up to date. This will open the Mozilla plugin checker site in a new tab where a quick scan will tell you which plugins needs to be updated.
Mozilla released a security update to all versions of Firefox 10 on February 16, 2012. The Firefox 10.0.2 security release addresses a bug in the lipng reference library which could cause an integer overflow or truncation. This in turn could be exploited and could result in execution of arbitrary code on a victim’s system when viewing a specially crafted PNG image in an affected browser. More info here. Users can update via Help > About Firefox or manually update and install from getfirefox.com
Big changes are coming to the way Firefox updates. With these improvements users are going to be able to start running the updated version and the update process is going to be a lot smoother for Windows Vista and 7 users. Changes include how the updates are downloaded and installed as well being able to apply updates without Windows Vista and 7 users having to continually giving the application ‘permission’ to update (UAC prompts). More technical details can be found on Laurence Mandel’s Blog.