A Microsoft Office 2004 Security Update

Microsoft has released a security update for Office 2004, which “fixes a vulnerability that an attacker can use to overwrite the contents of your computer’s memory with malicious code.” They give no more information as to how the attacker will get access to your Mac via Office, but you should still apply this update just in case. You can get the 11.4.0 update by running Microsoft AutoUpdate, the updater that is included with Office 2004, or by visiting this web page and downloading a disk image.

Critical Update for Firefox

If you use Firefox as your web browser, it’s time to grab an update. The Mozilla Foundation has released a new version of the program containing ten fixes, three of them security patches for critical flaws. One of the flaws allowed remote users to swipe browser history, another the way the browser processes images on web pages, and the third was a remote code execution. There is also a fix for the way Firefox handles add-ons, which may have security ramifications.

Get the latest version of Firefox (2.0.0.12) here.

Acrobat Reader Security Update - Shh! It’s a Secret

When most vendors release security updates to their software, they tell users what is being fixed. Not Adobe; they’ve just released a security update for Acrobat Reader, version 8.1.2, and they say it “addresses a number of customer workflow issues and security vulnerabilities”, without giving any more information. This is a no-no in the security world, since administrators need to know what’s being fixed. In any case, if you use Acrobat Reader, get the latest update so you can be safe from . . . well, I don’t know what.

Quicken Update Causes Data Loss

Users of the popular Quicken financial software have been dismayed to see that, after applying a recent update, some of their personal files disappeared. For some reason, the updater deleted their entire Desktop folder. This can be a disaster, as the Desktop is, for many people, a repository for in-progress files.

The first thing to do is not update Quicken, if you haven’t already done so, to ensure that you don’t get stung by this bug. If you have already updated the program, and lost files, do not reboot it until you contact Quicken’s technical support. (Though if you know you’ve lost files, or if you’re reading this, you’ve probably already rebooted.) Quicken says it will try and help users recover their files, but it seem that this could be difficult. (See their tech note on this issue.)

In the meantime, we can only suggest that, before running any software updates, you make sure to back up, if not your entire Mac, at least your home folder, using Intego Personal Backup. In case of problems, you can recover your files, and not have to wait to reboot your Mac. Regular backups are the most essential link in the Mac security chain, because having backups ensures that even if you get stung, your files will be safe.

Firefox Update Includes Security Fix

The Mozilla Foundation has released Firefox 2.0.0.8, an update to this web browser for several platforms, including Mac OS X. In addition to fixing some bugs and enhancing performance, this update also includes eight security fixes, ranging from the banal to the critical. If you use Firefox, as many readers of this blog do, you should update to the latest version.

Another Security Update for Microsoft Office 2004

Microsoft today released a security update for Office 2004, which:

“fixes a vulnerability in Word 2004 that an attacker can use to overwrite the contents of your computer’s memory with malicious code.”

Microsoft says that you must have already installed the Microsoft Office 2004 for Mac 11.3.7 Update.

“To verify that you have installed this update, select the Microsoft Component Plugin file in the Microsoft Office 2004/Office folder on your hard disk, and then on the File menu, click Get Info.”

You can download the updater file from the link above, or you can run Microsoft AutoUpdate, which you’ll find in your Applications folder.