Release: WordPress 4.7.2

The WordPress Logo

Last week WordPress released the second security update for version 4.7. There were 3 security issues fixed: Interface for assigning taxonomy terms in Press This was shown to users who did not have permission An SQL injection vulnerability was patched in the WP_Query class to prevent poorly coded plugins and themes from falling victim (involving post types)… Continue reading Release: WordPress 4.7.2

Release: Google Chrome 56

Google Chrome Browser Logo

Google has released version 56 of its web browser, based on the open-source Chromium web browser. There were 51 security-related bug fixes and one security researcher nabbed over thirty-thousand dollars ($30,000) for reporting some particularly nasty cross-site scripting (XSS) issues in Blink, Chrome’s rendering engine. Here are the other new and fixed features: For Users… Continue reading Release: Google Chrome 56

Release: Firefox 51

Mozilla Firefox Logo

Mozilla has released version 51 of the open-source Firefox web browser. What can you expect from this release? For Users Save password prompt allows you to view the password before it is saved Zoom button added to the URL bar that displays the zoom level other than 100% – pressing the button returns to default… Continue reading Release: Firefox 51

SHA-2 Adoption Slow, Picking Up

Threat Post reports on how browser developers are working on both adding support for as well as adding warnings into browsers for users that use less secure certificates signed by SHA-1 hashes. As computers continue to increase in performance it becomes easier, faster, and cheaper to break older hash algorithms. New algorithms get developed but… Continue reading SHA-2 Adoption Slow, Picking Up

Categorized as Software

Browsers’ Interfaces Are Insecure

As browsers continue to add new features, many of them need to notify or request confirmation from the user. These notifications and dialogs are showing outside the browser interface and appear inside or overtop of the content window (considered to be untrusted since any content can be displayed by developers). This means that content developers… Continue reading Browsers’ Interfaces Are Insecure

Release: PHP 7.0.15, 7.1.1, 5.6.30

PHP (PHP: Hypertext Preprocessor) Logo

PHP has released security updates for versions 7, 7.1, and 5.6. Since these are security releases it is HIGHLY recommended you update to them. I also heavily recommend you update to them as there are some odd bugs fixed in earlier versions for rare cases that could cause hangs or segfaults (crashes) in some cases… Continue reading Release: PHP 7.0.15, 7.1.1, 5.6.30

Release: WordPress 4.7.1

The WordPress Logo

WordPress, the open-source blogging and CMS platform, has released version 4.7.1, a security update to version 4.7. The update fixes eight (8) major security issues as well as sixty-two (62) other various bugs found in 4.7. Remote code execution (RCE) in PHPMailer – No specific issue appears to affect WordPress or any of the major… Continue reading Release: WordPress 4.7.1

Chrome Changes: Encryption Notification

Google Chrome Browser Logo

Google Chrome version 56 (based on the open-source Chromium web browser) is scheduled to be released at the end of the month. One of the major user-level changes is how sites without encryption will appear. Until now there has just been a lowercase letter “i” with a circle around it — this was typically an indicator… Continue reading Chrome Changes: Encryption Notification