Apple released the latest update to iTunes today, version 11.0.3, fixing 41 vulnerabilities in the Windows version and 1 in the OS X version. Many of these flaws are rated critical and we advise you update as soon as possible.
Here's the latest episode in the popular "Chet Chat" series.
Join Chet and Duck as they discuss what we can learn from recent security news in this quarter-hour podcast.
Apple has pushed out a Safari update to go along with this week's "Java Tuesday" fix.
It's supposed to give you finer-grained control over Java in your browser.
Paul Ducklin puts it through its paces...
It's that time of the week again - here's your roundup of everything we wrote in the last seven days.
Apple ships OS X 10.8.3 - 11 remote code execution vulns patched, Snow Leopard and Lion get fixes too
Apple has shipped the latest point release of its flagship Mountain Lion (OS X 10.8) operating system.
There are plenty of security fixes in there, which Snow Leopard (10.6) and Lion (10.7) users get too, in standalone security updates.
PWN2OWN 2013 finished off today.
A second scheduled attack on IE 10 didn't happen, so IE 10 didn't get owned again, but Flash and Reader fell once each, and Java was exploited for the fourth time in two days...
Of the Big Four browsers, only Apple's Safari has so far survived the onslaught of the browser-breakers at PWN2OWN 2013.
Java fell three times today; Adobe's Flash and Reader meet their attackers tomorrow...
Apple's thrown in the towel on the Java mess and has, for the second time in two weeks, blocked all versions of Java on OS X 10.6 (Snow Leopard) and later.
Apple has released updates for users of the iPod Touch, iPhone, iPad and Apple TV products that fix critical vulnerabilities. Apple users should update their devices to iOS 6.1 as soon as possible.
Only six weeks to go until PWN2OWN 2013, where you can hack the Big Four browsers and the Big Three plugins, and win over half a million dollars.
But is it just about the money?
Paul Ducklin investigates...
After the recent discovery of a zero-day vulnerability in Oracle's Java Web Start plugin Apple and Mozilla are now disabling Java by default until fixes are made available.
A U.S. federal judge in San Francisco gives the nod of approval, declaring that Google should pay a $22.5M USD fine for misleading consumers about the privacy protections offered to users of Apple's Safari web browser.
The same team of Polish researchers who discovered a critical security hole in Oracle’s Java software say that they uncovered another such hole, which could be used to bypass the secure application “sandbox” on most recent versions of Java.
Opera, a relative minnow in the web browser market, is reckoned to be a more secure browser than the likes of Google Chrome, Mozilla Firefox and Internet Explorer - according to our online poll.
But maybe someone has influenced the vote?
As browser makers beef up security in their products - which product do you recommend to friends who want to surf the web more safely?
Is the job listing for a Data Privacy Engineer proof that Google's mending its privacy ways, or is the gesture as empty as the HTML form it used to slip past Safari's no-tracking controls?