Opera 9.51 was released yesterday. According to the Opera Desktop Team Blog, this addresses a few security and stability issues and it is recomended that everyone install this update.

Opera 9.27 was released yesterday to address a few security and stability issues, as well as to address a print issue related to Mac OS. You can download the update here.

Firefox 2.0.0.12 is now available for multiple platforms. This is a security and stability update and it’s recomended that all users update to the latest version.

An urgent update for WordPress has been released. WordPress 2.3.3 addresses a flaw in the XML-RPC implementation that could enable a user to edit posts of other users. You can download the new update here.

An update is available for Wordpess. This is an “urgent security release“, that addresses a flaw that could allow your draft posts to be exposed. For more information on what has changed, view the list of fixed bugs and changes. You can download the latest version here.

Opera Watch and the Opera Desktop Team are reporting that Opera 9.25 was released. This release addresses a few security concerns, and is a recommended update. The changelog has more details.

Ok, the title sounds like Ask.com is doing something bad. They aren’t, I don’t think. You see, they’ve added a new link to the US website that says “AskEraser“. Enabling this will delete your search activity from the Ask.com servers. On the downside, ths will also prevent you from using some of Ask.com’s other features like site skins (themes) and the “My Stuff”.

Who cares about those silly things, right? After all, your searches are safe, right? That’s what it sounds like, unless you look a bit further and read the FAQs. According to the information here, even with AskEraser enabled, Ask.com may still record your data when required by law, or if Ask.com has a technical error.

Those of you worried about your search data here is a tip for you. Don’t search for any Personally Identifiable Information (PII). That means don’t Google your SSN, don’t Yahoo! your full name, and don’t Ask your bank account number. Be smart, and you’ll be safe.

An unpatched flaw (yes, there are many) in Microsoft’s Internet Explorer may put users of the Google Desktop Search at risk. This flaw has to do with the way IE handles (or mishandles) CSS. A malicious web page can inject code into a page which allows it to execute on a remote machine.

There is currently no fix available from Microsoft. And while no known use of this exploit has been used, there has been a proof of concept posted on the net.

Those of you who (for whatever reason) still use Internet Explorer, it is recommended that you disable JavaScript and/or switch to a better browser. Personally, I’d block IE in the firewall.

Last week Google added antivirus scanning to its popular web based, free email service, GMail.com. Not much was really said about it other than it is here.

This got me wondering. Is Google using a 3rd party virus scanning service? Or could we see a Google Antivirus in the near future?

The famous Firefox promotion site, SpreadFireFox.com was taken down by hackers. Here is the email sent out to all members of SpreadFirefox.com:

The Spread Firefox Team became aware this week that the server hosting Spread Firefox, our community marketing site, has been accessed by unknown remote attackers who attempted to exploit a security vulnerability in TWiki software installed on the server. The TWiki software was disabled as soon as we were aware of the attempts to access SpreadFirefox.com. This exploit was limited to SpreadFirefox.com and did not affect mozilla.org web sites or Mozilla software.

We have scanned Spread Firefox servers and at this time do not believe any sensitive data was taken, but as a precautionary measure we have shutdown the site and will be rebuilding the web site from scratch. We also recommend that you change your Spread Firefox password and the password of any accounts where you use the same password as your SpreadFirefox account. We will notify you again when the site is back up with instructions on how to change your password. (Note: We do use MD5 hashing on the passwords, but MD5 cannot protect all passwords against off-line dictionary style attacks.)

After Spread Firefox was compromised in July, we instituted procedures to ensure that we apply all security fixes to the software running the site (Drupal and PHP) as soon as they become available. Unfortunately, those procedures overlooked the installation of the TWiki software since it is not used by the main Spread Firefox site. When the system is rebuilt, all the software will be audited to ensure that security updates will be applied in a timely manner. We deeply regret this incident and any inconvenience this may have caused you.

Sincerely,
Spread Firefox Team
Mozilla Foundation

Things don’t look good for the Firefox Fanboi’s that run the site, as this was the 2nd time the site has been downed by those pesky hackers.