These are: iOS 4.3.2 Software Update, iOS 4.2.7 Software Update for iPhone, Safari 5.0.5, and Security Update 2011-002. So far Apple has released four new security updates this month, all on April 14th. Also check out PCWorld’s Security Alert article on the topic by Tony Bradley here. To learn more about each update–and to download them manually–visit the Microsoft Safety & Security Center here. I keep on getting the warning, clicking on the visit the website, supplying the password, over and over, and I never actually see the web page.
Update MS11-033 fixes this bug by altering the way that the WordPad Text Converters handle these custom attack delivery files.Īs always, to prevent your system from being exploited you should install these updates as soon as possible using Windows Update. My Safari (13.1.2, MacOS 10.13.6, MacBookPro8,1) just goes into an infinite loop. This vulnerability could permit remote code execution if you were to open a specially-crafted file using WordPad, allowing the attacker to gain the same rights as the local user. According to Microsoft the update addresses the vulnerabilities by “modifying the way that Internet Explorer handles objects in memory, content during certain processes, and script during certain processes.”Īnother update, MS11-033 (bearing an ‘important’ rating) addresses a vulnerability found in WordPad Text Converters which affects Microsoft Windows. If you were to view a specially-crafted web page using IE then an attacker could employ remote code execution by exploiting the unpatched vulnerability on your system, allowing the attacker to gain the same rights as the local user. Update MS11-018, which is rated ‘critical’ for IE 6 through 8 on Windows, resolves five vulnerabilities. Update 110411-2 (which fixes the problem) was released about 45 minutes after the false-positive was released. According to an update on the avast! blog, “all sites with a script in a specific format were affected.” After the bad update was released Avast’s virus lab staff quickly discovered the problem and immediately started working on a fix. On April 11th avast! released a false-positive virus definition in update 110411-1 containing an error that caused a number of innocent websites to be flagged as infected.
Also, two days later, Apple released four security updates which cover software updates for iOS 3.0 through 4.3.1, Safari 5.0.5, and a security update to the Certificate Trust Policy for iOS.Īvast! Issues False-Positive Virus Definition
Then, for their monthly Tuesday patch, Microsoft released 17 new security bulletins which addressed 64 vulnerabilities. This month avast! released a false-positive virus definition that affected a number of innocent websites. We’re only halfway through April and there are already too many vulnerabilities to count. You’ll still be able to read the Bugs and Fixes column in the monthly print issue of PCWorld.) (Writer’s Comment: Starting today, Bugs and Fixes will be posted biweekly each month for your convenience.