Home / Culture and Society / Science and Technology / Microsoft, Oracle, and Mozilla Thunderbird — The BugBlog Report

Microsoft, Oracle, and Mozilla Thunderbird — The BugBlog Report

Please Share...Print this pageTweet about this on TwitterShare on Facebook0Share on Google+0Pin on Pinterest0Share on Tumblr0Share on StumbleUpon0Share on Reddit0Email this to someone

Here are some of the most significant bugs from the past week in the BugBlog:

Microsoft will be re-issuing their MS06-015 security patch, which was released on April 11, 2006, to patch some critical security holes in Windows Explorer. Unfortunately, the patch also caused some major compatibility problems with third-party applications, including the Hewlett-Packard Share-to-Web service, Sunbelt Software’s Kerio Personal Firewall, and older drivers for NVIDIA graphics cards. The revised patch is being tested. Look for it around April 25.

Oracle has released a critical patch update that fixes security bugs in many of their products, including: Oracle Database 2,3, 8i, 9i and 10; Enterprise Manager, Application Server, Collaboration Suite, E-Business Suite, and PeopleSoft Enterprise Tools. They have also released a password scanner to look for older Oracle applications that may have been installed with well-known default passwords still in place. Find out more at Oracle’s security page.

There is a security bug that may hit Mozilla Thunderbird when you forward mail in-line (instead of as an attachment.) Any JavaScript that is embedded in the message may execute. This will happen if you are use the default HTML editor. You can prevent this by switching to plain text mail composition. Better yet, update to Thunderbird, Thunderbird 1.0.8, or the Mozilla Suite 1.7.13 to fix it completely. Mozilla credits Georgi Guninski for finding this bug.

Powered by

About Bruce Kratofil

  • Have I told you lately how USEFUL these reports are?

    [Expletive] useful, man!

    … now to upgrade my Thunderbird …