The H Week
Red Hat has been running its in-house conference, the Red Hat Summit, in Chicago this week so there have been quite a few stories from them. Security-wise the biggest news was of Mozilla's moves to protect Adobe Flash users and of a critical bug in the FTP service associated with IIS in some of Microsoft's products.
Open Source news
The H Open kicked off the first week of September with the last part of its detailed coverage of the upcoming 2.6.31 Linux Kernel in the Kernel Log mini-series "Coming in 2.6.31". This part dealt with CUSE, USB 3.0, FireWire networking and other parts of the soon to be released Linux update.
Google Chrome news this week included a deal with Sony to pre-install the Chrome browser on all new Sony PCs, and speculation, fuelled by an apparent place-holder among the Chromium web pages, that there might be a Chromium operating system in development.
Other Red Hat stories include the introduction of a JBoss certification programme and news that the strategic partnership between its JBoss subsidiary and French software house eXo has born fruit in the form of the new GateIn portal project.
The H was first to report the news, on Thursday, that the soon to be released, new versions of the Firefox browser will include an on-launch check to see if the user has a current version of Adobe Flash plug-in installed. This security measure is to ensure that users are not unnecessarily exposed through continuing to use an old and flawed plug-in.
Our top security news on Monday was of holes in the FTP service of Microsoft's Internet Information Services that could allow attackers to gain system privileges. Following our original report Microsoft confirmed that there was a problem and that they were working on the issue. Two days later Microsoft issued a security advisory warning of a the bug in the FTP server service in Internet Information Services (IIS). No date was set for a patch release but Microsoft did suggest a couple of workarounds.
On Thursday there was the customary Microsoft announcement of the patches Microsoft intends to provide on its Patch Tuesday in the coming week. This time it's five patches to close remote code execution vulnerabilities on Windows.
Following the recent release of Apple's Snow Leopard, Mac OS X 10.6 it has emerged that the release DVD includes a flawed version of Adobe Flash Player. In early August Adobe had advised users to upgrade Flash Player to close a vulnerability. It seems installing the latest Mac OS from the DVD results in a reversion to an older player and re-introduces the vulnerability.
To see all last week's news see The H's last seven days of news and to keep up with The H, subscribe to the RSS feed, or follow honlinenews on Twitter. You can follow The H's own tweeting on Twitter as honline.