Tagged With patches


Oracle's latest quarterly security update contains 253 patches for 76 of its enterprise products including databases, operating systems, Java and networking components. Among the security bugs that the update addresses, 15 of them are rated critical, some of which allow for remote exploitation by attackers without authentication in Java Standard Edition (SE) and Oracle's database offerings. Here's what you need to know.


Dear Lifehacker, I recently pre-purchased Wolfenstein: The New Order for PC. I chose the DVD rather than a Steam download because my 4G broadband limit is 15GB per month (there's no ADSL where I live). The game arrived yesterday and I eagerly installed the four DVDs one by one. When I returned 10 minutes after inserting disk 4, Steam had automatically downloaded 10 GB of "updates", thus breaking my internet connection for the rest of the month.


VMware has issued a patch to fix a potential vulnerability for Windows VMs running on its platform. The notes on the patch are (as Sophos' Paul Ducklin points out) a little hazy about the potential impact, but no-one wants to risk a vulnerability in a virtual environment -- get patching!


Microsoft just released the official security update for Internet Explorer to address the serious browser exploit we told you about yesterday, so if you've got any computer running IE, you'd best get downloading. Security experts advised users to stay off Internet Explorer due to a serious security exploit in all versions of IE, and a third-party developer even pushed out an unofficial temporary fix, but you can now go grab the official patch straight from the source. The patches are available in several different downloads depending on what version of IE you're using and what OS you're running, and not all of the downloads are pointing to existing pages yet, but they should hopefully all be rolled out sometime today. Microsoft Security Bulletin MS08-078 - Critical


Microsoft will be pushing out an unscheduled security patch for Internet Explorer's recently-discovered vulnerability tomorrow, but you can get a temporary patch from British software security firm Prevx today. Tech news site TechRadar reports that simply not using IE won't keep the vulnerability from affecting your PC; an estimated 2 million PCs have already been infected. The vulnerabilty affects IE 6 and above, including Internet Explorer 8. Chances are users won't get to the Prevx temporary fix before tomorrow, but if anything make sure Windows' software updates are turned on so you get Microsoft's official fix then.