Apple Quicktime and Opera [Security] Updates
Apple has released a new version (7.4.5) of it's QuickTime product that fixes 11 vulnerabilities, most of which are labeled as Highly Critical. Also, Opera has released a new version (9.27) that fixes 2 vulnerabilities marked Highly Critical.
Users of these products need to update to the latest version as soon as possible*.
Users of Apple products like QuickTime and iTunes can use "Apple Software Update" (in their "All Programs" list for Microsoft users) to obtain the update.
A word of caution: Apple has decided to include their Safari Browser with the Quicktime (and future) update(s)!
Here's a good explanation about this I found on Wikipedia's [Safari web browser] page:
"Distribution through Apple Software Update
Apple Inc. has been criticized for using Apple Software Update, which is bundled with QuickTime and iTunes in Microsoft Windows, to promote Safari to Windows users. When Safari 3.1 is not detected in a user's machine, the updating software, by default, automatically selects the browser for installation. John Lilly, CEO of Mozilla, stated that Apple's use of its updating software to promote its other products is "a bad practice and should stop." He argued that the practice "borders on malware distribution practices" and "undermines the trust that [software companies are] all trying to build with users."[15] Apple has responded to Lilly's statement, saying that the company is only trying to ensure users have the latest updates to Safari.[15] This statement can be misleading in the fact that Safari 3.1 appears as an update, even when Safari is not installed on the computer."
Bottom line: If you don't already have the Safari browser installed, and you don't want it downloaded and installed along with the QuickTime update, un-check its check box before starting the download and install process.
This decision by Apple has been widely criticized in the tech community. It's an old marketing tactic used by less than scrupulous companies who know through experience (and research) that a large percentage of people won't notice 'and click on the big button' focusing on what they think they're downloading/installing.
- One of the reasons I always tell all of you to "Think Before You Click!".
The Opera Browser should alert you to the update as soon as you open it. Just click yes in the notification box that pops up to download the new version to your desktop (or whatever folder you've created to hold your web downloads), scan the file manually** with one (or more) anti-virus/anti-malware program(s), then click on it to install.
-------------------------------------------------------------------------------------
Additional links to relevant sites:
Wikipedia - Opera (web browser)
Apple - About the security content of QuickTime 7.4.5
InfoWorld - PayPal warns: Steer clear of Apple's Safari browser
InformationWeek - Mozilla CEO: Apple's Safari-To-Windows Distribution Scheme Is Wrong
TechWack - Network admins unhappy with Apple Safari auto installation
Salon - A rocky Windows trek for Apple's Safari browser
--------------------------------------------------------------------------------------
That's all for now. Thanks for being responsible computer users.
And always remember to Think Before You Click!
* I apologize for not posting this alert sooner. My elderly mother is in the late stages of Alzheimer's and naturally my attention and priorities are on her.
** Something you should always do after you download software as a matter of habit.
I haven't seen any spam..
Not sure what you're talking about Bill. I just looked at a few blog posts and I don't see any spam. In fact I've never seen any spam in the comments here. It must be getting cleaned up by the blog djinni as soon as it's posted (good work!).
Not having seen it, I can't comment on this specific spam, but it generally contains a message they want to advertise and/or a URL to a web site. Malicious spam usually has a URL-link to a phishing web site or one that covertly redirects your browser to a site that contains some kind of exploit or downloads a trojan.
Just Google "Spam" and you'll find all the info you could ever want about it. Just make sure that the link(s) you follow from the Google (or your search engine of choice) results aren't malicious. You are using protection like LinkScanner or Finjan Securebrowsing, right? You never know these days. Even well known 'trusted' web sites can contain transient exploits, and the "protection" provided by anything that relies on 'Blacklists' can't be relied on for protection.
Just as long as 'the tubes' aren't clogged you can use 'the Google'.
Just don't click on any spam.
Bottom line, the spammer wants to profit in some way.
Edit: Note to webmaster, the time listed for my comment was identical to Bill's, even though I left the comment closer to 06:25 AM (the time right now is only 06:35AM).
TR -- We periodically do get
TR -- We periodically do get spammed -- I ax it from the site when I see it, or when someone sends me an e-mail. Thankfully, we have an easy way to get the stuff deleted. Bill has been helpful in that regard.
As I figured --
- Clay.. I was referring to you (or someone there) when I mentioned "the blog djinni"/genie.
It's too bad that folks like yourself have to deal with comment spam. I'm sure you have better things to do, even if it doesn't take much time.
Hey TR,
What is the advantage of the spammers to add spam to our blogs on this site?
Is it just an aggravation? Or is there some agenda? I don't understand this.
This yangyang1 has posted a thread on every blog piece on this page.
I don't understand??????? Thought you might have insight as the tech guru of the blog site!