Feeds

Firefox and Opera squish big buffer overflow bugs

Mozilla drops iFrames in sandbox, Opera mends Gmail glitch

Intelligent flash storage arrays

It's time to update alternative browser software again, with new releases of Firefox and Opera out this week. Firefox 17, released Tuesday, features improved support for social networking functions, such as Facebook Messenger, as well as new features to prevent blacklisted extensions from running without user permission. Support for Mac OS X 10.5 (Leopard), a five-year-old version of Apple's desktop operating system, has been dropped.

On the security front, Firefox 17 boasts improved protection against drive-by download attacks, thanks to a sandbox for iFrames. The release also grapples with a large number of security flaws, around six of which are critical. The critical flaws include memory corruption and buffer overflow bugs that might lend themselves towards attacks design to drop malware onto the systems of surfers running vulnerable software.

The complete list of bugs resolved by Firefox 17 runs into the thousands (yes, really) but Paul Ducklin of Sophos has helpfully put together a blog post highlighting the main issues.

In other browser security news, a new release of Opera fixes a critical heap-based buffer overflow vulnerability. Left unpatched, the cross-platform flaw creates a potential avenue for malware-based attacks that rely on tricking surfers into visiting sites running malicious code. Version 12.11 of Opera also tackles a glitch that meant Gmail sometimes failed to load as well as tackling lesser stability issues and security bugs itemised in Opera's release notes here. ®

Top 5 reasons to deploy VMware with Tegile

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.