Mozilla Firefox 3.0.10 released

Mozilla Firefox 3.0.10 has been released.

One critical vulnerability has been fixed and some stability corrections as well.

See release notes here and download latest version here or use internal updater.

Mozilla Firefox 3.0.9 released

Mozilla Firefox 3.0.9 has been released.

There are several security fixes, one for critical vulnerability, two for high and two for moderate.

See more information here

You can use internal updater or download newest version from here

Spywareblaster 4.2 released

Spywareblaster 4.2 has been released.

Below is changelog from Wilderssecurity:

[4.2]
-Windows 7 support
-Internet Explorer 8 support
-K-Meleon support
-Faster, secure updating worldwide
-Automatic program version upgrade support (for AutoUpdate users)
-Interface improvements
-Displays dates and other information in local format
-Enhanced support for Flock 2.x
-Better support for upgrading in the installer - now does more to help ensure that previous versions are removed when installing "over the top"
-Significantly faster "Disable All Protection" operation
-Fixed "window doesn't display" on some PCs
-Fixed recurring "run from Admin account" error
-Fixed problems detecting some Firefox (and other Gecko-based browser) profiles
-Fixed crash enabling AutoUpdate on Windows Vista if the Task Scheduler service is disabled
-Implemented requested "Find Unprotected" right-click feature for the Block Lists
-Many additional small bug fixes, tweaks, and optimizations
Requirements:

Windows 98, ME, NT4, 2000, XP, Vista, 7.


Provides Protection for the Following Browsers:

* Internet Explorer
and any browsers that use the Internet Explorer engine, including:
o AOL web browser
o Avant Browser
o Slim Browser
o Maxthon (formerly MyIE2)
o and more
* Mozilla Firefox
* Netscape
* Seamonkey
* Flock
* K-Meleon

Download latest version here

It is recommended to uninstall older version before uninstalling new version.

Malwarebytes' Anti-Malware 1.36 released

Malwarebytes' Anti-Malware 1.36 has been released.

Below is changelog from Malwarebytes' website

*(FIXED) Minor cosmetic issue during removal process.
* (FIXED) Minor problem with false positives.
* (FIXED) Silent update no longer displays message on program update.
* (ADDED) New heuristics for Vundo infections.

You can download latest version from link above or use internal updater.

Unpatched vulnerability in older PowerPoint versions

Microsoft released recently a security advisory about remote code execution vulnerability in older Microsoft Office PowerPoint programs.

Vulnerability is in these versions of Powerpoint:

Microsoft Office PowerPoint 2000 Service Pack 3
Microsoft Office PowerPoint 2002 Service Pack 3
Microsoft Office PowerPoint 2003 Service Pack 3
Microsoft Office 2004 for Mac

Attack is able to perform using bad PowerPoint file but needs action from users side. One example where to get it could be email attachment.

If PowerPoint version is 2003, Microsoft recommends to use Microsoft Office Isolated Conversion Environment (MOICE) for opening PowerPoint documents as stated in earlier advisory

Microsoft is not sure if fix would be in April updates.