Wednesday, April 19, 2017

Mozilla Firefox Version 53.0 Released with Massive Security Updates


FirefoxMozilla sent Firefox Version 53.0 to the release channel today.  The update includes a massive 35 security updates identified as eight (8) Critical, sixteen (16) High, seven (7) Moderate updates and four (4) low security updates.  Firefox ESR was updated to version 45.9.0.

The next scheduled release is June 13, 2017 (5 week cycle with release for critical fixes as needed).

Security Fixes:

Critical

High

Moderate

Low

New

  • Improved graphics stability for Windows users with the addition of compositor process separation (Quantum Compositor)
  • Two new 'compact' themes available in Firefox, dark and light, based on the Firefox Developer Edition theme
  • Lightweight themes are now applied in private browsing windows
  • Reader Mode now displays estimated reading time for the page
  • Windows 7+ users on 64-bit OS can select 32-bit or 64-bit versions in the stub installer

Changed

  • Updated the design of site permission requests to make them harder to miss and easier to understand
  • Windows XP and Vista are no longer supported. XP and Vista users running Firefox 52 will continue to receive security updates on Firefox ESR 52.
  • 32-bit Mac OS X is no longer supported. 32-bit Mac OS X users can switch to Firefox ESR 52 to continue receiving security updates.
  • Updates for Mac OS X are smaller in size compared to updates for Firefox 52
  • Media playback on new tabs is blocked until the tab is visible
  • The last few characters of shortened tab titles fade out instead of being replaced by ellipses to keep more of the title visible
  • New visual design for audio and video controls
  • Ended Firefox Linux support for processors older than Pentium 4 and AMD Opteron
Update:

To get the update now, select "Help" from the Firefox menu, then pick "About Firefox."  Mac users need to select "About Firefox" from the Firefox menu. If you do not use the English language version, Fully Localized Versions are available for download.

    References




    Remember - "A day without laughter is a day wasted."
    May the wind sing to you and the sun rise in your heart...




    Tuesday, April 18, 2017

    Oracle Java Critical Security Updates Released

    java

    Oracle released the scheduled critical security updates for its Java SE Runtime Environment software.  The update contains eight (8) new security fixes for Oracle Java SE. 
    Details for the CVE's addressed in the update are available here.

    Update

    If Java is still installed on your computer, it is recommended that this update be applied as soon as possible due to the threat posed by a successful attack.

    Download Information

    Download link:  Java SE 8u131

    Verify your version:  http://www.java.com/en/download/testjava.jsp

    Notes:
    • Minimally, UNcheck any pre-checked toolbar and/or software options presented with the update. They are not part of the software update and are completely optional.  Preferably, see the instructions below on how to handle "Unwanted Extras". 
    • Starting with Java SE 7 Update 21 in April 2013, all Java Applets and Web Start Applications should be signed with a trusted certificate.  It is not recommended to run untrusted/unsigned Certificates.  See How to protect your computer against dangerous Java Applets

    Critical Patch Updates

    For Oracle Java SE Critical Patch Updates, the next scheduled dates are as follows:
    • 18 July 2017
    • 17 October 2017
    • 16 January 2018
    • 17 April 2018

    Unwanted "Extras"

    Although most people do not need Java on their computer, there are some programs and games that require Java.  In the event you need to continue using Java, How-to Geek discovered a little-known and  unpublicized option in the Java Control Panel to suppress the offers for the pre-checked unwanted extras that Oracle has long included with the updates.  Although the Ask Toolbar has been removed, tha does not preclude the pre-checked option for some other unnecessary add-on.

    Do the following to suppress the sponsor offers:
    1. Launch the Windows Start menu
    2. Click on Programs
    3. Find the Java program listing
    4. Click Configure Java to launch the Java Control Panel
    5. Click the Advanced tab and go to the "Miscellaneous" section at the bottom.
    6. Check the box by the “Suppress sponsor offers when installing or updating Java” option and click OK.
    Java suppress sponsor offers

    Java Security Recommendations


    1)  In the Java Control Panel, at minimum, set the security to high.
    2)  Keep Java disabled until needed.  Uncheck the box "Enable Java content in the browser" in the Java Control Panel.

    3)  Instructions on removing older (and less secure) versions of Java can be found at http://java.com/en/download/faq/remove_olderversions.xml

    References




    Remember - "A day without laughter is a day wasted."
    May the wind sing to you and the sun rise in your heart...




    Sunday, April 16, 2017

    "Khrystos Voskres!" Happy Easter!



    "Khrystos Voskres!"

    (Christ is Risen!)






    "Voistyno Voskres!"

    (He is Truly Risen!)






    Remember - "A day without laughter is a day wasted."
    May the wind sing to you and the sun rise in your heart...