Here are some of the most significant bugs from the past week in the BugBlog:
If you have an Intel-based Mac and want to install a firmware update, you will have problems if your computer is configured with a non-standard partition scheme. When you try to install, the computer may beep once when you boot it up, but the update won’t take place. This affects the Mac Mini (early 2006) Firmware Update 1.0; the MacBook Pro (early 2006) Firmware Update 1.0; and the iMac (early 2006) Firmware Update 1.0. See Apple’s web site for more.
There is a bug in the CSS (Cascading Style Sheets) letter spacing property in Mozilla Firefox, Thunderbird, Mozilla Suite, and SeaMonkey. The bug sets up a heap buffer overflow that a remote attacker with a malicious website could exploit to take over your computer. This has been fixed in Firefox 220.127.116.11, Firefox 1.0.8, Thunderbird 18.104.22.168, Thunderbird 1.0.8, SeaMonkey 1.0.1, and the Mozilla Suite 1.7.13. Mozilla credits TippingPoint and the Zero Day Initiative for finding this bug. Get the free updated products at Mozilla.
Microsoft has released the latest cumulative security update for Microsoft Internet Explorer. This is a critical update, and covers IE for Windows 2000, XP, and Server 2003. In addition to all the previous fixes for IE, it also fixes ten new bugs, most of which are critical, and could allow a remote attacker to take control of your computer. Find links to the update for each version at Microsoft’s security page, as well as details for each of the bugs. Also check the Credits section to see the eight people who found these bugs for Microsoft.