Thunderbird 45.7.1 released
FYI...
Thunderbird 45.7.1 released
- https://www.mozilla.org/en-US/thunde.../releasenotes/
Feb 7, 2017
Fixed: Crash when viewing certain IMAP messages (introduced in 45.7.0)
Automated Updates: https://support.mozilla.org/en-US/kb...ng-thunderbird
Manual check: Go to >Help >About Thunderbird
Download
- https://www.mozilla.org/en-US/thunderbird/all/
v45.7.1
:fear::fear:
Thunderbird 45.8.0 released
FYI...
Thunderbird 45.8.0 released
- https://www.mozilla.org/en-US/thunde.../releasenotes/
Mar 7, 2017
Fixed in Thunderbird 45.8
- https://www.mozilla.org/en-US/securi...hunderbird45.8
- https://www.mozilla.org/en-US/securi...s/mfsa2017-07/
Critical
CVE-2017-5400: asm.js JIT-spray bypass of ASLR and DEP
CVE-2017-5401: Memory Corruption when handling ErrorResult
CVE-2017-5402: Use-after-free working with events in FontFace objects
CVE-2017-5404: Use-after-free working with ranges in selections
CVE-2017-5398: Memory safety bugs fixed in Thunderbird 45.8
Automated Updates: https://support.mozilla.org/en-US/kb...ng-thunderbird
Manual check: Go to >Help >About Thunderbird
Download
- https://www.mozilla.org/en-US/thunderbird/all/
:fear::fear:
Adblock Plus 1.13 for Chrome and Opera
FYI...
Adblock Plus 1.13 for Chrome and Opera released
- https://adblockplus.org/releases/adb...opera-released
2017-03-15
Install Adblock Plus 1.13 for Chrome
Install Adblock Plus 1.13 for Opera
This is a major release containing some user interface improvements...
Changes:
- Further improved our WebSocket (issue 4643, 4807) and popup (issue 4834) blocking capabilities.
- Improved the “Block element” tool, fixing a bug where the dialog window would sometimes fail to open (issue 4714) and another which very rarely caused the currently targeted element(s) not to be highlighted (issue 4603).
- Improved the “Add your own filters” interface in the Options page. Extremely large filters are now displayed properly (issue 1121), and the interface is much more responsive when dealing with large numbers of custom filters (issue 4752).
- Improved the Adblock Plus developer tools pane. Chrome’s dark theme is now supported (issue 4136), the Control-F search interface now works (issue 4644) and elements hidden by CSS property filters are now listed (issue 3596).
- Worked around a limitation with Chrome’s onCommitted event which caused many problems (issue 4598, 4599, 4647, 4804). Most notably this caused some requests to be improperly blocked / not blocked...
:spider:
Apple - many multiple updates - 2017.03.27
FYI...
- https://support.apple.com/en-us/HT201222
Apple Releases Security Update for iWork
- https://www.us-cert.gov/ncas/current...y-Update-iWork
Mar 27, 2017
- https://support.apple.com/en-us/HT207595
Mar 27, 2017 - "Available for: macOS 10.12 or later, iOS 10.0 or later..."
- http://www.securitytracker.com/id/1038134
CVE Reference: CVE-2017-2391
Mar 27 2017
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 4.1 ...
Impact: A user with access to exported PDF documents can obtain potentially sensitive information from the password protected exported PDF.
Solution: The vendor has issued a fix (4.1)...
The vendor advisory is available at: https://support.apple.com/en-us/HT207595
- http://www.securitytracker.com/id/1038135
CVE Reference: CVE-2017-2391
Mar 27 2017
Fix Available: Yes Vendor Confirmed: Yes
Impact: A user with access to exported PDF documents can obtain potentially sensitive information from the password protected exported PDF.
Solution: The vendor has issued a fix (6.1)...
The vendor advisory is available at: https://support.apple.com/en-us/HT207595
- http://www.securitytracker.com/id/1038136
CVE Reference: CVE-2017-2391
Mar 27 2017
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 7.1...
Impact: A user with access to exported PDF documents can obtain potentially sensitive information from the password protected exported PDF.
Solution: The vendor has issued a fix (7.1)...
The vendor advisory is available at: https://support.apple.com/en-us/HT207595
___
Safari 10.1
- https://support.apple.com/en-us/HT207600
Mar 27 2017 - "Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4.."
- http://www.securitytracker.com/id/1038137
CVE Reference: CVE-2016-9642, CVE-2016-9643, CVE-2017-2364, CVE-2017-2367, CVE-2017-2376, CVE-2017-2377, CVE-2017-2378, CVE-2017-2385, CVE-2017-2386, CVE-2017-2389, CVE-2017-2394, CVE-2017-2395, CVE-2017-2396, CVE-2017-2405, CVE-2017-2415, CVE-2017-2419, CVE-2017-2424, CVE-2017-2433, CVE-2017-2442, CVE-2017-2444, CVE-2017-2445, CVE-2017-2446, CVE-2017-2447, CVE-2017-2453, CVE-2017-2454, CVE-2017-2455, CVE-2017-2459, CVE-2017-2460, CVE-2017-2464, CVE-2017-2465, CVE-2017-2466, CVE-2017-2468, CVE-2017-2469, CVE-2017-2470, CVE-2017-2471, CVE-2017-2475, CVE-2017-2476, CVE-2017-2481 (Links to External Site)
Mar 27 2017
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 10.1...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can cause denial of service conditions.
A local user can obtain potentially sensitive information on the target system.
A remote user can bypass security controls on the target system.
A remote user can obtain potentially sensitive information on the target system.
A remote user can spoof a URL.
A remote user can access the target user's cookies (including authentication cookies), if any, associated with the site running the Apple Safari software, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.
Solution: The vendor has issued a fix (10.1).
The vendor advisory is available at: https://support.apple.com/en-us/HT207600
___
macOS Sierra 10.12.4, Security Update 2017-001 El Capitan, and Security Update 2017-001 Yosemite
- https://support.apple.com/en-us/HT207615
Mar 27 2017
- http://www.securitytracker.com/id/1038138
CVE Reference: CVE-2016-5636, CVE-2016-7585, CVE-2017-2379, CVE-2017-2381, CVE-2017-2388, CVE-2017-2390, CVE-2017-2392, CVE-2017-2398, CVE-2017-2401, CVE-2017-2402, CVE-2017-2403, CVE-2017-2406, CVE-2017-2407, CVE-2017-2408, CVE-2017-2409, CVE-2017-2410, CVE-2017-2413, CVE-2017-2416, CVE-2017-2417, CVE-2017-2418, CVE-2017-2420, CVE-2017-2421, CVE-2017-2422, CVE-2017-2423, CVE-2017-2425, CVE-2017-2426, CVE-2017-2427, CVE-2017-2428, CVE-2017-2429, CVE-2017-2430, CVE-2017-2431, CVE-2017-2432, CVE-2017-2435, CVE-2017-2436, CVE-2017-2437, CVE-2017-2438, CVE-2017-2439, CVE-2017-2440, CVE-2017-2441, CVE-2017-2443, CVE-2017-2448, CVE-2017-2449, CVE-2017-2450, CVE-2017-2451, CVE-2017-2456, CVE-2017-2457, CVE-2017-2458, CVE-2017-2461, CVE-2017-2462, CVE-2017-2467, CVE-2017-2472, CVE-2017-2473, CVE-2017-2474, CVE-2017-2478, CVE-2017-2482, CVE-2017-2483, CVE-2017-2485, CVE-2017-2486, CVE-2017-2487, CVE-2017-6974
Updated: Mar 28 2017
Impact: Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, Modification of system information, Modification of user information, User access via local system, User access via network
Fix Available: Yes Vendor Confirmed: Yes ...
Solution: The vendor has issued a fix (Sierra 10.12.4, Security Update 2017-001 El Capitan, and Security Update 2017-001 Yosemite).
The vendor advisory is available at: https://support.apple.com/en-us/HT207615
___
iOS 10.3
- https://support.apple.com/en-us/HT207617
Mar 27 2017 - "Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later..."
- http://www.securitytracker.com/id/1038139
CVE Reference: CVE-2017-2384, CVE-2017-2393, CVE-2017-2397, CVE-2017-2399, CVE-2017-2400, CVE-2017-2404, CVE-2017-2412, CVE-2017-2414, CVE-2017-2434, CVE-2017-2452, CVE-2017-2484
Mar 28 2017
Impact: Disclosure of authentication information, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, Modification of system information, Modification of user information
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 10.3...
Impact: A remote user can access and modify certain iTunes data.
A local user can obtain potentially sensitive information on the target system.
A remote user can conduct cross-site scripting attacks.
Solution: The vendor has issued a fix (10.3).
The vendor advisory is available at: https://support.apple.com/en-us/HT207617
___
macOS Server 5.3
- https://support.apple.com/en-us/HT207604
Mar 27 2017 - "Available for: macOS 10.12.4 and later..."
- http://www.securitytracker.com/id/1038144
CVE Reference: CVE-2007-6750, CVE-2017-2382
Mar 28 2017
Impact: Denial of service via network, Disclosure of system information
Fix Available: Yes Vendor Confirmed: Yes ...
Impact: A remote user can cause denial of service conditions.
A remote user can determine valid usernames on the target system.
Solution: The vendor has issued a fix (macOS Server 5.3).
The vendor advisory is available at: https://support.apple.com/en-us/HT207604
___
tvOS 10.2
- https://support.apple.com/en-us/HT207601
Mar 27 2017 - "Available for: Apple TV (4th generation)..."
___
watchOS 3.2
- https://support.apple.com/en-us/HT207602
Mar 27 2017 - "Available for: All Apple Watch models..."
___
- https://www.us-cert.gov/ncas/current...y-Update-iWork
Mar 27 2017
:fear::fear::fear:
Apple update - iCloud for Windows 6.2
FYI...
- https://support.apple.com/en-us/HT201222
iCloud for Windows 6.2
- https://support.apple.com/en-us/HT207607
Mar 28, 2017 - "Available for: Windows 7 and later..."
:fear::fear:
Thunderbird 52.0 released
FYI...
Thunderbird 52.0 released
- https://www.mozilla.org/en-US/thunde.../releasenotes/
April 4, 2017
Fixed in Thunderbird 52
- https://www.mozilla.org/en-US/securi...#thunderbird52
- https://www.mozilla.org/en-US/securi...s/mfsa2017-09/
Critical
CVE-2017-5400: asm.js JIT-spray bypass of ASLR and DEP
CVE-2017-5401: Memory Corruption when handling ErrorResult
CVE-2017-5402: Use-after-free working with events in FontFace objects
CVE-2017-5403: Use-after-free using addRange to add range to an incorrect root object
CVE-2017-5404: Use-after-free working with ranges in selections
Automated Updates: https://support.mozilla.org/en-US/kb...ng-thunderbird
Manual check: Go to >Help >About Thunderbird
Download
- https://www.mozilla.org/en-US/thunderbird/all/
:fear::fear:
Thunderbird 52.0.1 released
FYI...
Thunderbird 52.0.1 released
- https://www.mozilla.org/en-US/thunde.../releasenotes/
April 14, 2017
Fixed:
- Crash due to incompatibility with McAfee Anti-SPAM add-on. Add-on is blocked in 52.0.1
- Clicking on a link in an email may not open this link in the external browser...
Complete list of changes in this release
- https://mzl.la/2nSk0Ft
373 bugs found
Automated Updates: https://support.mozilla.org/en-US/kb...ng-thunderbird
Manual check: Go to >Help >About Thunderbird
Download
- https://www.mozilla.org/en-US/thunderbird/all/
:fear::fear: