186589
story
Continent1106 writes
"Hacker Michal Zalewski has ratcheted up his ongoing assault on Web browser security models, releasing details on serious flaws in fully patched versions of IE6, IE7 and Firefox 2.0. The vulnerabilities could cause cookie stealing, page hijacking, memory corruption, code execution, and URL bar spoofing attacks." Here is
Zalewski's post to Full Disclosure.
1479025
story
Carl Bialik from WSJ writes
"When software makers urge upgrades, it isn't always in users' best interest, the Wall Street Journal reports. Many upgrades bring advertising or other unwanted features; some iTunes users felt this way about a recent upgrade. But for many programs, downgrading can be a headache--Yahoo generally doesn't link to old versions of software, and Apple says iTunes can't be downgraded. Some websites can help with the problem. OldVersion.com, for instance, offers more than 600 versions of about 65 different programs. The site's 16-year-old administrator says, 'Companies make a lot of new versions. They're not always better for the consumer.'"