Computer Security in the News

Not much to say today, but there has been plenty of computer security stuff in the news, so I thought I would post about it:

First, for anyone running WordPress, make sure to upgrade to 2.8.2, as it corrects a XSS vulnerability. For Firefox, make sure to upgrade from 3.5 to 3.5.1 if you haven’t already, as it provides you with a fix to a severe javascript weakness along with some other improvements. It seems as though Internet Explorer has been having similar difficulties with drive by pawning with Active-X again, although I’ve heard that it’s only a problem for older systems (read XP) and versions of IE. This should just reinforce the importance of maintaining software with upgrades for everyone, since old and unpatched software is just asking to become part of someone’s botnet.

Now the newest issue to come out is regarding a vulnerability in Adobe’s Flash and Reader, patches are already scheduled for next week, but in the meantime, the best course of action is probably to use Firefox + NoScript (which has to be about THE most awesome combination for surfing the Internet invented to date) to make sure your browser isn’t running any more flash than is absolutely necessary. Being cautious of websites and pdf files you are unfamiliar with is also a good idea. Also, make sure to look for updates to Flash on July 30th so that you aren’t surfing around with the vulnerability any longer than you have to.

Please comment