Network News

X My Profile
View More Activity

Security Fix Pop Quiz, Summer 2007 Edition

Yes, dear readers, it's time once again for a Security Fix Pop Quiz, intended to serve as a gentle reminder to install security updates for third-party programs.

The table below lists the software title, the date each update was released, followed by a link to the latest, patched version of the software. Where possible, clicking on the hyperlinked software title will produce a page that should tell visitors what version they currently have installed.

Adobe Flash Player, Released July 10, 2007, version 9.0.47.0 (Win, Mac, Solaris).

Adobe Acrobat Reader, Released June 5, 2007, version 8.1

iPhone Security Update
, Released July 31, 2007, version 1.0.1

iTunes, Released August 3, 2007, version 7.3.2

Mozilla Firefox, Released July 31, 2007, version 2.0.0.6

Opera, Released July 19, 2007, version 9.22

QuickTime, Released July 11, 2007, version 7.2

Safari 3 Beta, Released July 31, 2007, version 3.0.3 (available for Windows, Mac OS X and Linux).

Sun's Java Runtime Environment (JRE), Released July 4, 2007, Java SE 6 Update 2

Winamp
, Released May 10, 2007, version 5.35

Yahoo! Messenger
, Released July 24, 2007, version 8.1.0.413

ZoneAlarm, Released July 3, 2007, version 7.0.362.000

These are just some of the more widely used applications. As I've mentioned before, Secunia's Software Inspector can run through your system and scan for a more thorough list of third-party apps that might need updating (no software installs required, but you do need to have Java installed).

By Brian Krebs  |  August 13, 2007; 2:57 PM ET
Categories:  From the Bunker , New Patches , Safety Tips  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: There's a Black Tuesday on the Rise
Next: Microsoft Fixes 14 Software Security Flaws

Comments

I guess I'm good. Of the items listed, all the ones I have installed are current. One little wrinkle came up on Mozillazine's Firefox board after the last Java update. Sun does NOT recommend removing earlier JRE versions! http://www.java.com/en/download/faq/5000070400.xml
How 'bout them apples?

Also,regarding Secunia, they now have a Personal Software Inspector (Beta) available that checks over 4,000 apps versus 40 for the on-line scan. Nice idea, but who needs one more process constantly running in the background? Therefore I've disabled it and plan on firing it up once a month, like after every 'Patch Tuesday.' https://psi.secunia.com/

Posted by: Keith Warner | August 13, 2007 6:03 PM | Report abuse

Alas! Secunia's PSI does not work for OS X! Now why is that? ;)

Posted by: Rick | August 13, 2007 7:16 PM | Report abuse

"Safari 3 Beta, Released July 31, 2007, version 3.0.3 (available for Windows, Mac OS X and Linux)."

Um, there is currently no Safari beta for Linux.

Posted by: Martey | August 13, 2007 9:47 PM | Report abuse

Rick> Alas! Secunia's PSI does not work for OS X! Now why is that? ;)

Because, although it is invoked via Java, the core inspection code is actually a Windows DLL.

Posted by: antibozo | August 13, 2007 9:57 PM | Report abuse

Hm. Actually I meant my last comment to apply to the regular web-based Secunia software inspector. I haven't looked at the "Personal" version.

Posted by: antibozo | August 14, 2007 3:32 AM | Report abuse

The link for verifying the Java version is old. It said I was out of date even though I'm not. So I went to java[dot]com and clicked the "Do I have Java?" link: http://www.java.com/en/download/installed.jsp .

Posted by: Anonymous | August 14, 2007 5:00 AM | Report abuse

I use the Secunia tool regularly, it's very good and especially helpful because it often give links to the download locations for the updates. And simple enough for Grandma to run.

Big problem with Quicktime: this latest rev refuses to install on my Windows 2000 Workstation, says 2000 is no longer supported. Unless they fix this, I'll have to take Quicktime off my system. Sure am glad Youtube doesn't use QT!

And regarding Flash, there's got to be another update soon because 9.0.47.0 (in fact, any 9.x) has been shown to be unsafe to use. (See http://scan.flashsec.org/)

And Firefox has now been shown to have a design defect that will be very difficult to fix (See http://www.0x000000.com/index.php?i=417).

So it's a neverending battle. Might as well tuen off the Internet! http://www.turnofftheinternet.com/

Posted by: setver | August 14, 2007 8:32 AM | Report abuse

Your listing of ZoneAlarm version 7.0.362.000 may be doing readers a disservice. I noticed that my version of ZoneAlarm was 7.0.337.000 and ZoneAlarm's update facility said it was current. I checked with the ZoneAlarm user forum. There is a newer version (362), but apparently it has numerous problems so ZoneAlarm is not pushing it out to subscribers. For whatever it is worth, advice on the forum is not to try to update to version 362.

Posted by: HSBell | August 14, 2007 11:35 AM | Report abuse

I see that I am not the only one that has had problems with Mozilla Firefox. Unfortunately the problem did not exist or at least show itself until the 0.0.6 update was installed.

Posted by: adak_al | August 15, 2007 2:06 AM | Report abuse

I went to get an updated version of Opera today -- I only use it occasionally -- and the latest version is 9.23, according to the Web site. The changelog, which is dated today (15 August) says this is a recommended security upgrade: it fixes a vulnerability in the JavaScript implementation. The security notice is here:

http://www.opera.com/support/search/view/865/

The merry-go-round never stops ...

Posted by: Rich Gibbs | August 15, 2007 5:23 PM | Report abuse

I need help. Yesterday I bought an AVG Internet Security package after talking with the Frys sales person. I first learned about AVG after reading your chats.

My problem is that I can get the program installed! They need me to input a license or sales number. I do hav a string of alphmeric characters on the back of the jacket which contained the CD. However that is not it. I am now stuck! I cannot proceed because AVG will not let me go on unless I have the necessary license/sales number!!

I am now at a wits end!! Please help if you can

Posted by: Hsien Chang | August 16, 2007 10:19 AM | Report abuse

For Hsien Chang:

Fry's customer service:
http://shop3.outpost.com/template/help/index/;jsessionid=U18beuD8I5rDGB5RyI6PmQ**.node2

Grisoft (maker of AVG) Support:
http://www.grisoft.com/doc/59/us/crp/0

Have receipt and credit card # ready.


Good luck

Posted by: Keith Warner | August 16, 2007 7:13 PM | Report abuse

Well?

Posted by: Keith Warner | August 18, 2007 8:33 PM | Report abuse

The comments to this entry are closed.

 
 
RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company