Oracle pulls Java 6 plug, but Apple likely to keep patching OS X Snow Leopard
Apple on Monday patched Java 6 for OS X, following Oracle's lead and quashing a browser plug-in vulnerability that hackers have been exploiting.
Oracle issued the "out-of-band," or emergency, update for Java 6 and Java 7 to patch two critical vulnerabilities. One of those bugs -- designated CVE-2013-1493 -- has been exploited in the wild since at least Feb. 28, according to security firm FireEye, which discovered the attacks.
Because Apple maintains Java 6 for OS X -- unlike Java 7, which Oracle handles -- it followed with its own update, as usual. Read more...
Opera updated following unexplained Outlook.com lockout
Opera Software is working on a fix to ensure Microsoft’s Hotmail successor Outlook.com works in its browser.
Opera has pumped out Update 12.01 to make Outlook.com work with its browser but warned fans might continue to encounter problems with attachments. It has also patched a critical vulnerability in desktop versions of its browser software in the update.
The browser company said here: “There may still be some issues with attachments for the time being, but we are working on getting that taken care of as soon as possible too.”
The idea of Outlook.com is you can open Word, Excel, and PowerPoint attachments in a browser window through the hosted version of Office, Office Web Apps.
You can get Opera’s fix here.
Microsoft launched Outlook.com on Tuesday and immediately Opera users found themselves unable to use the service. Read more...
Where’s IE10 for Windows 7?
While Microsoft has regularly touted the improvements in Internet Explorer 10 on Windows 8, the company has said next to nothing about the browser and Windows 7, the operating system that powers 44% of all Windows PCs.
Last year, when Microsoft first introduced Internet Explorer 10 (IE10), it promised that the new browser would run on not only the new Windows 8's desktop mode, but also on 2009's Windows 7.
Even though the company has updated the previews of IE10 for Windows 8 six times, most recently May 31 when it shipped Windows 8 Release Preview, it stopped serving sneak peeks for Windows 7 more than a year ago.
The last preview capable of running on Windows 7 was issued June 29, 2011. Read more...
Chrome trumps IE as world’s top browser
Chrome's average usage share for the week of May 14-20 was 32.8%, said StatCounter, an analytics company that tracks browser and operating system trends. For the same week, IE's share was 31.9%.
Although Chrome has beaten IE in StatCounter's tally before -- a day here, another there, this was the first time that Google's browser took the top spot for an entire week.
Mozilla's Firefox placed third with a share of 25.5%, while Apple's Safari and Opera Software's Opera brought up the rear with 7.1% and 1.7%, respectively. Read more...
Firefox’s four release channels explained
By now, it should be easy to pick a browser. Most of you probably settled on a favorite ages ago, and it’s going to take some seriously cool new features — or a whole lot of crashing — to make you switch at this point. But even if you’re in love with your default you might be wondering if you’re running the right channel.
Opera offers up Opera Next to its users. Google Chrome and Firefox both have four versions being worked on at any given time. Fortunately for Firefox users, Mozilla’s got a handy new graphic that clearly shows what you can expect from each build — Stable, Beta, Aurora, and Nightly. To seasoned veterans of the web it’s a no brainer, but the image and a little explanation is handy for more casual users who want to know if the grass is greener on the other side. Read more...
Mozilla to kill Firefox 3.6 by auto-upgrading old browser
Mozilla will give Firefox 3.6 the coup de grace next month by automatically upgrading users of that 2010 browser to Firefox 12.
The move isn't a first for the open-source developer: A year ago, it gave Firefox 3.5 the same auto-upgrade death blow.
According to Alex Keybl, Firefox's release manager, the automatic upgrade of Firefox 3.6 to Firefox 12 will take place in early May, although a date has not yet been set. Read more...
Mozilla delivers silent updating with Firefox 12 release
Mozilla today released Firefox 12, patching 14 security bugs in the browser and moving it one step closer to matching rival Chrome in silent updating.
The latest in the line of updates that have rolled off the Mozilla development line every six weeks since mid-2011, Firefox 12 fixed seven vulnerabilities labeled "critical," the highest threat ranking in Mozilla's four-step scoring, four bugs tagged "high" and three pegged "moderate." Read more...
Google’s False Start gets a real stop
Google security researcher Adam Langley has announced that Google is abandoning attempts to bring its secure connection speed-up False Start technology to HTTP/S enabled sites. False Start was introduced in Google's Chrome open source browser and attempted to speed up secure connections by reducing the number of round-trip passes involved in setting up an SSL connection – this was achieved by getting the client to send the "Finished" message and first ApplicationData message in one packet, rather than sending "Finished", waiting for a response and then sending the first ApplicationData message. False Start could reduce the time taken to start connections by 30 per cent. Read more...
Use Internet Explorer 9? You need this update, stat
Just over 8.5% of TNW readers, which amounts to a whole pile of traffic, use Internet Explorer on their normal computers (non-mobile), so this post is for them. If you use Internet Explorer (and we presume that that means you are on version 9, the good one), you need to make sure that you have the April ‘Cumulative Security Update’ for the browser.
It patches some five previously reported issues, making it an essential grab if Internet Explorer is your daily drive. Depending on how you have your Windows Update settings tuned, you might be snagging it automatically, but if not, details can be found right here. Read more...
Google patches Chrome for second time in eight days
Google on Thursday patched 12 Chrome vulnerabilities, the second time in eight days that the search company has updated its browser.
Most of the vulnerabilities -- eight of the dozen -- were identified as "use-after-free" bugs, a common type of memory vulnerability that researchers have found in large numbers within Chrome using Google's own AddressSanitizer detection tool.
Seven of the 12 bugs were rated "high," the second-most-serious ranking in Google's scoring system. Four were marked "medium" and one was labeled "low."
Google paid $6,000 in bounties to three researchers for reporting seven of the vulnerabilities. The others were unearthed by Google's own security team or were ineligible for a finder's fee. Read more...
Facebook scammers host Trojan horse extensions on the Chrome Web Store
Cybercriminals are uploading malicious Chrome browser extensions to the official Chrome Web Store and use them to hijack Facebook accounts, according to security researchers from Kaspersky Lab.
The rogue extensions are advertised on Facebook by scammers and claim to allow changing the color of profile pages, tracking profile visitors or even removing social media viruses, said Kaspersky Lab expert Fabio Assolini in a blog post on Friday.
Assolini has recently observed an increase in the number of Facebook scams that use malicious Chrome extensions and originate in Brazil.
Once installed in the browser, these extensions give attackers complete control over the victim's Facebook account and can be used to spam their friends or to Like pages without authorization. Read more...
Microsoft’s new IE9 commercial is surprisingly compelling
Certain products are at their best when you notice them the least. Web browsers are a good example of this, as you want the Internet to flow well, and not to get tripped up on what tool you are using to access it. That in mind, it can be difficult to cast a utility tool in a pleasing or exciting light, given their inherent status as backbone technology.
Google had a series of innovative commercials for Chrome, showing off various tests of the browser against whimsical Rube Goldbergs. Chrome, as you can guess, won. Microsoft, looking to promote Internet Explorer 9 has just released a new commercial which is, I think, effective, and notable as it is focused and surprisingly un-silly. Read more...
Google adds Do Not Track button to Chrome
Google's Chrome browser has added a Do Not Track option that will prevent websites using your browser history to target ads at you.
Pioneered by Mozilla Firefox, the Do Not Track convention adds a field in the HTTP header of each web page instructing websites not to take info about you from your browser. Commonly used to prevent overly personal targeted ads, Do Not Track also stops web visitors having their data picked through by websites' social features and analytics engines. Microsoft claims that Internet Explorer doesn't track its users and Do not Track is an option in Safari. Read more...
LinkedIn scoops up browser plugin Rapportive: ‘We fell in love’
LinkedIn has bought browser plugin outfit Rapportive for an undisclosed sum.
The two-year-old start-up told its users that its handling of their data was now covered by LinkedIn's privacy policy and terms of service.
"During our partnership with LinkedIn, we got to know them very well. We found a great overlap between our visions. We found a high-calibre and extremely driven team. We found, crucially, a 'members-first' company: everything that LinkedIn does is about making its members more successful," the company's CEO Rahul Vohra gushed. Read more...
Microsoft claims Google bypassed its browser privacy too
Microsoft has released data showing that Google has been bypassing the user-defined privacy settings in Internet Explorer by using incorrect P3P identification terms.
“When the IE team heard that Google had bypassed user privacy settings on Safari, we asked ourselves a simple question: is Google circumventing the privacy preferences of Internet Explorer users too?” Dean Hachamovitch, VP of Internet Explorer wrote in a blog post. “We’ve discovered the answer is yes: Google is employing similar methods to get around the default privacy protections in IE and track IE users with cookies.” Read more...