Java for OS X 2013-005

Apple releases Java for OS X 2013-005.

From the release notes:

This release updates the Apple-provided system Java SE 6 to version 1.6.0_65 and is for OS X versions 10.7 or later.

This update uninstalls the Apple-provided Java applet plug-in from all web browsers. To use applets on a web page, click on the region labeled “Missing plug-in” to go download the latest version of the Java applet plug-in from Oracle.


I do not really have the need for Java if not for Adobe Creative Suite.

Adobe Support Page and FAQ on Security Breach

Adobe has published a customer security alert page in light of the recent security breach that involved 2.9 million accounts of Adobe customers.

From the FAQ page:

What is Adobe doing in response?

As a precaution, we are resetting relevant customer passwords to help prevent unauthorized access to Adobe ID accounts. Customers whose user ID and password were involved will receive an email notification from Adobe with information on how to change their password. We also recommend that customers change their passwords on any website where they may have used the same user ID and password.

We are in the process of notifying customers whose credit or debit card information we believe to be involved in the incident. Customers whose credit or debit card information was involved will receive a notification letter from us with additional information on steps they can take to help protect themselves against potential misuse of personal information about them. We have also notified the banks processing customer payments for Adobe, so that they can work with the payment card companies and card-issuing banks to help protect customers’ accounts.

U.S. only: Adobe is also offering customers, whose credit or debit card information was involved, the option of enrolling in a one-year complimentary credit monitoring membership.

We continue to work diligently internally, as well as with external partners, to address the incident. We have contacted federal law enforcement and are assisting in their investigation.

Adobe customers should change or reset their passwords immediately.

p.s.

This is going to be another interesting Thanksgiving day should I choose to go this year with the Wadhwanis.

iOS 7.0.2

Apple releases iOS 7.0.2 to address the lock screen bypass bug.

iOS 7.0.2 Software Update

  • Fixes bugs that could allow someone to bypass the Lock screen passcode
  • Reintroduces a Greek keyboard option for passcode entry

iOS 7 users can get the delta update through Software Update: Settings > General > Software Update.

OS X Mountain Lion 10.8.5

Apple released OS X Mountain Lion 10.8.5 on Thursday, September 12, 2013.

About the update

The OS X Mountain Lion v10.8.5 Update is recommended for all OS X Mountain Lion users. It improves the stability, compatibility, and security of your Mac. This update:

  • Fixes an issue that may prevent Mail from displaying messages
  • Improves AFP file transfer performance over 802.11ac Wi-Fi
  • Resolves an issue that may prevent a screen saver from starting automatically
  • Improves Xsan reliability
  • Improves reliability when transferring large files over Ethernet
  • Improves performance when authenticating to an Open Directory server
  • Addresses an issue that prevented a smart card from unlocking preference panes in System Preferences
  • Contains the improvements included in MacBook Air (Mid 2013) Software Update 1.0

Apple also released Digital Camera RAW Compatibility 4.09.


WordPress 3.6.1

WordPress 3.6.1 is now available.

Summary

According to the announcement post, this maintenance release addresses 13 bugs with version 3.6.

Additionally: Version 3.6.1 fixes three security issues:

  • Remote Code Execution: Block unsafe PHP de-serialization that could occur in limited situations and setups, which can lead to remote code execution. Reported by Tom Van Goethem. CVE pending.
  • Privilege Escalation: Prevent a user with an Author role, using a specially crafted request, from being able to create a post “written by” another user. Reported by Anakorn Kyavatanakij. CVE pending.
  • Link Injection / Open Redirect: Fix insufficient input validation that could result in redirecting or leading a user to another website. Reported by Dave Cummo, a Northrop Grumman subcontractor for the U.S. Centers for Disease Control and Prevention. CVE pending.

Additional security hardening:

  • Updated security restrictions around file uploads to mitigate the potential for cross-site scripting. The extensions .swf and .exe are no longer allowed by default, and .htm and .html are only allowed if the user has the ability to use unfiltered HTML.

A full log of the changes made for 3.6.1 can be found at http://core.trac.wordpress.org/log/branches/3.6?stop_rev=24972&rev=25345.


Impostors at Google Play

Plants vs. Zombies 2 was only available for iOS at launch. It has not yet been announced when the game will be available on other platforms such as Android. As always, the Android community is trying hard to stay classy.

For some reason, there are a number of fake Plants vs. Zombies 2 games on Google Play, published by fake developers impersonating real companies.

Take a look at the screenshots from Google Play:

Impostors at Google Play 1

“Plants Vs Zombies 2” by Gameloft Ltd.

The last time I checked, Plants vs. Zombies 2 is a game by PopCap, an Electronic Arts company.

This “Gameloft Ltd” company apparently also makes games such as Minecraft Pocket Edition, Hay Day and Injustice Among Us. It is obvious that the three games mentioned are actually made by different companies.

Curiously, there’s another “Plants vs Zombies 2” by Heather Kountz at Google Play. This “Heather Kountz” also makes games such as Minecraft Pocket Edition, Clash of Clans and Injustice Among Us.

Shocking!

Impostors at Google Play 2

A few days later, both “Gameloft Ltd” and “Heather Kountz” disappeared from Google Play, conveniently replaced by “Suzanne Lally” and “EA Games Apps”.

Impostors at Google Play 5


Impostors at Google Play 3

Impostors at Google Play 4

Please be careful when downloading apps from Google Play. Watch for the impostors.