Mozilla releases Firefox 12.0 update

Posted by:
Date: Tuesday, April 24th, 2012, 12:26
Category: News, Software

elfirefox

Late Tuesday, Mozilla.org released version 12.0 of its Firefox web browser. The new version, a 32 megabyte download and adds the following fixes and changes:

- Firefox can now migrate your bookmarks, history, and cookies from Google Chrome.

- With Sync enabled, add-ons can now be synchronized across your computers.

- The CSS text-size-adjust property is now supported.

- Redesigned media controls for HTML5 video.

- The outerHTML property is now supported on HTML elements.

- View source syntax highlighting now uses the HTML5 parser (see bug 482921).

- The Style Editor for CSS editing is now available to web developers.

- Web developers can now visualize a web page in 3D using the Page Inspector 3D View.

- SPDY protocol support for faster page loads is now testable.

- XMLHttpRequest now supports HTML parsing.

- Files can now be stored in IndexedDB (see bug 661877).

- Websockets has now been unprefixed.

- Firefox notifications may not work properly with Growl 1.3 or later (691662).

Firefox 12.0 requires an Intel-based Mac running Mac OS X 10.5 or later to install and run.

If you’ve tried the new version and have any feedback to offer, please let us know in the comments.

Symantec: Flashback malware still present on approximately 140,000 Macs

Posted by:
Date: Tuesday, April 17th, 2012, 19:21
Category: News, security, Software

The good news: The Flashback malware’s infection numbers have gone down dramatically.

The bad news: About 140,000 of you need to look into removing the malware on your Mac.

Per a recent Symantec blog post, the security firm guessed that the number of affected machines would have dropped precipitously by now given that Apple and third-party vendors released their respective Flashback-neutralizing programs last week. The Mac maker even rolled out a removal tool for those Mac users who don’t have Java installed, and thus may be harboring a dormant version of the malware.

Statistics from Symantec’s “sinkhole,” or spoofed command and control server, show that Flashback has been removed from some 460,000 machines since Apr. 9, but the company expected less than 99,000 would be carrying the trojan by Tuesday.

Sinkholes are used by internet security and research entities to monitor and analyze the spread of malicious programs, though the standard practice sometimes brings unwarranted suspicion to smaller, less well-known firms. For example, Apple reportedly attempted to shut down the server hosting a sinkhole belonging to Flashback’s discoverer Dr. Web, mistakenly thinking that it was a legitimate command and control server. Apple’s move, however, can also be considered standard practice when dealing with fast-moving malware.

There has been no speculation as to why the remaining Macs haven’t already disposed of Flashback, as the self-installing program can be easily identified and deleted. It is possible that machine owners remain unaware of the program and haven’t yet performed a software update that would eradicate it.

The trojan itself continues to propagate on upatched systems. Analysis into Flashback’s structure reveals that it is coded to exceed the .com top level domain, and generates domain names from .in, .info, .kz and .net. Flashback creates one new string every day that is paired with a random TLD.

Once a user visits a site carrying Flashback, the program installs itself without the need for permission and proceeds to collect sensitive data like user iDs, passwords and web browsing histories which it then sends to an off-site repository.

Just as Flashback exploited the “Oracle Java SE Remote Java Runtime Environment Denial Of Service Vulnerability” to create its botnet, another threat has surfaced that uses the same hole as a means of distribution.

Called Backdoor.OSX.SabPub.a, the newly-discovered malware was created in March and is considered an “active attack” trojan as an operator manually checks and harvests data from an affected machine. SabPub has also been seen being distributed in malicious Word documents, installing itself by exploiting a known record parsing buffer overflow vulnerability.

Stay tuned for additional details as they become available.

VMWare releases Fusion 4.1.2 update

Posted by:
Date: Monday, April 16th, 2012, 09:53
Category: News, Software

On Friday, virtualization softare maker VMWare released version 4.1.2 of its Fusion software for the Mac.

Similar to other virtualization software packages, VMWare allows users to run alternate operating systems such as Windows and Linux distributions on Intel-based Macs at native speeds. Other features, such as Unity, allow users to run and minimize Windows applications from the Mac OS X Dock.

The new version, a 180 megabyte download, can be found here and offers the following fix:

- Resolved an issue that caused the following message when you resumed a suspended virtual machine: The Virtual Machine is unable to reserve memory.

- The McAfee Virus Scan software is updated.

- Resolved an intermittent problem that caused printing to fail on Mac OS X Lion.

- Resolved an issue that occurred when copying and pasting information from newer Linux distributions.

- Improved compatibility with certain versions of Mac OS X.

- Improved the behavior of the minibar when placed at the top of the display.

- Fixed mapping of comma on numeric keyboard mapping of a French keyboard.

- Resolved an intermittent problem when removing a CD device from a virtual machine.

Fusion 4.1.2 retails for US$49.99 and requires an Intel-based Mac, 2 GB of RAM, Mac OS X 10.6.7 or later (10.7 recommended) and a copy of Windows (if you’ll be installing Windows).

If you’ve tried the new version and have any feedback to offer, please let us know in the comments.

Adobe releases Flash Player 11.3.300.214 beta update

Posted by:
Date: Thursday, April 12th, 2012, 06:48
Category: News, Software

adobelogo

Late Wednesday, Adobe released Flash Player 11.3.300.214 for Mac OS X, a 10.9 megabyte download via MacUpdate. The new beta version includes the following fixes and changes:

- Texture streaming.

- Background Updater for Mac.

- Driver gating hardware acceleration relaxed to 2006.

- MouseEvent.RELEASE_OUTSIDE.

- ApplicationDomain.getQualifiedDefinitionNames().

- Improved Mac App Store Support.

- Simulator Support for iOS.

- Aspect Ratio Enhancements.

- ADT support to package 144×144 size icons has been added in AIR 3.3.

- Capabilities.screenDPI now returns appropriate DPI value for high resolution iPads.

Flash Player 11.3.300.214 requires an Intel-based Mac running Mac OS X 10.6 or later to install and run.

If you’ve tried the new version and have any feedback, please feel free to hurl your two cents in via the comments.

Apple developing program to track, destroy Flashback malware

Posted by:
Date: Wednesday, April 11th, 2012, 07:38
Category: News, security, Software

applelogo_silver

I think this is where an awesome montage scene of productivity/progress begins in an 80s movie. Or at least the cast involves vows to achieve a long-term goal.

Apple revealed on Tuesday that it is currently developing software to detect and remove the Flashback malware that has infected an estimated 600,000 Macs worldwide.

The company made mention of the upcoming tool in a support document regarding the malicious software, as noted by The Loop. The document also pointed users to last week’s Java update that patched the security flaw that the virus was exploiting.

“In addition to the Java vulnerability, the Flashback malware relies on computer servers hosted by the malware authors to perform many of its critical functions. Apple is working with ISPs worldwide to disable this command and control network,” the company said.

Apple also advises Macs running OS X 10.5 or earlier to disable Java in their browser preferences.

The Flashback trojan horse was first discovered last September. The malware posed as a phony Adobe Flash Player installer in order to trick users into installing it. At the time, a security first categorized the threat as “low.” The current version of Flashback used the Java vulnerability to create a botnet that could mine personal information from unsuspecting users.

Evidence of Apple’s efforts to contact ISPs surfaced earlier on Tuesday when a Russian security firm revealed that the company had targeted one of its servers as being “involved in a malicious scheme.” Dr. Web chief executive Boris Sharov said the server was “not doing any harm to users” and was being used to monitor the spread of the virus.

Sharov noted that the relative rarity of Apple security issues meant that Dr. Web hadn’t established close ties with the company. “For Microsoft, we have all the security response team’s addresses,” he said. “We don’t know the antivirus group inside Apple.”

Last week, a Dr. Web analyst claimed that 600,000 Macs around the world had been infected by the Flashback malware. 56.6 percent of those infections are reportedly located in the U.S.

Stay tuned for additional details as they become available.

QuarkXPress 9.2.1.1 update released

Posted by:
Date: Wednesday, April 11th, 2012, 07:52
Category: News, Software

quarklogo

No one ever said updates were a bad thing.

On Wednesday, software developer Quark released version 9.2 of its QuarkXPress design application. The 160 megabyte update, which can be downloaded here, adds the following fixes and changes:

- Support for iPad retina screen in app templates.

- The ability to add retina-resolution icons to app templates.

- Support for Xcode 4.3.x on Mac OS X 10.7 Lion.

- Improvements to the reliability of the notifications feature – Improvements to the bookstore app template.

QuarkXPress 9.2.1.1 requires Mac OS X 10.5.8 later to install and run and retails for US$799.00 for the full version.

If you’ve tried the new version and have any feedback to offer, please let us know in the comments.

CrossOver updated to 11.0.3

Posted by:
Date: Tuesday, April 10th, 2012, 14:43
Category: News, Software

CrossOver, the popular emulation program from CodeWeavers, has been updated to version 11.0.3. The new version, which is available as a demo, offers the following fixes and changes:

Application Enhancements:
- Fixed a bug whereby Microsoft Office 2010, Service Pack 1 refused to install. It should now install cleanly (an update of CrossTie files from the web-site may be necessary).

- Fixed a bug where Quicken 2012 would hang adding a new online account or updating a bank account.

- Fixed a bug where PowerPoint 2010 would refuse to play slideshows. Slideshows will now work in PowerPoint 2010.

CrossOver Enhancements:
- Fixes for (we hope!) the last outstanding problems with CrossOver registration / licensing.

- Improvements to Japanese and Russian translations.

CrossOver 11.0.3 retails for US$69.95 and requires Mac OS X 10.5 and or later and an Intel-based Mac to install and run.

If you’ve tried the new version and have any feedback to offer, please let us know in the comments.

Parallels Desktop updated to 7.0.15094.749908

Posted by:
Date: Monday, April 9th, 2012, 12:08
Category: News, Software

parallelslogo1.jpg

On Thursday, Parallels released version 7.0.15094.749908 of its Parallels Desktop virtualization software. The new update, a 306 megabyte download, adds the following fixes and changes:

- Improved 3D support.

- Ability to easily download and install Fedora 16 from within the Parallels Wizard.

- Support for the Dvorak keyboard, Arabic keyboard and French numeric keyboard layout.

- Improved support for the Swedish keyboard layout.

Parallels Desktop 7 retails for US$79.99 and requires a 64-bit Intel-based processor, Mac OS X 10.5.8 or later, 2GB of RAM (4GB recommended to run Windows 7), at least 700 MB of space available on the boot volume for Parallels Desktop installation and 15 GB of available disk space for Windows.

If you’ve tried the new version and have any feedback to offer, let us know in the comments.

Skype updated to 5.6.0.203

Posted by:
Date: Thursday, April 5th, 2012, 07:20
Category: News, Software

skypelogo.jpg

On Tuesday, version 5.6.0.203 of the Skype VoIP application was released. The new version, a 22.7 megabyte download, offers the following fixes and changes:

- Automatic Updates

- Improved UI for group video calling.

- New full screen mode in OS X Lion.

- Ability to delete conversations.

- Ability to disable Audio Gain Control.

Skype 5.6.0.203 is available for free and requires Mac OS X 10.5.8 or later to install and run.

If you’ve tried the new version and have any feedback to offer, please let us know.

Apple releases Java for Mac OS X 10.6 Update 7, Java for Mac OS X Lion 2012-001 updates

Posted by:
Date: Wednesday, April 4th, 2012, 06:51
Category: News, Software

applelogo_silver

Have updates, will travel.

Late Tuesday, Apple released Java for Mac OS X 10.6 Update 7, providing “improved reliability, security and compatibility.” The 76 megabyte download requires Mac OS X 10.6.8 to install and run.

The company also released Java for Mac OS X Lion 2012-001, which claims to offer improved compatibility security and reliability. The download comes in at 63.8 megabytes and requires OS X 10.7 or later to install and run.

The updates, which can be located, downloaded and installed via Mac OS X’s Software Update feature, focus on multiple vulnerabilities that exist in Java 1.6.0_29, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. If you’ve tried the new versions and have any feedback to offer, please let us know in the comments.