Firefox gets security update...again

NetworkWorld.com | Security Research Center | Update Your Profile Firefox gets security update...again By Jason Meserve For the second time in a week, Mozilla has released an update to its popular Firefox browser. Version 2.0.0.11, which should have started to auto-download over the weekend, fixes a flaw in one of Firefox's rendering engines. Also today, Cisco confirms the ability eavesdrop of VoIP calls and two new patches for the Asterisk IP PBX system. Read full story Jason Meserve is Network World's Multimedia Editor and writes about streaming media, search engines and IP Multicast. Check out his Multimedia Exchange Weblog. Check out Jason Meserve and Keith Shaw's weekly podcast "Twisted Pair" SPONSORED BY WORKSHARE STOP Data Leak Compliance Violations Webcast Is your organization at risk of data leaks and intellectual property theft? Learn how today's organizations are reducing risk! Eliminate compliance violations by blocking visible data, strengthen compliance control by monitoring and enforcing policies, and control policies enterprise-wide using a single, centralized management console. Click here to view now! RELATED NEWS: Government-sponsored cyberattacks on the rise, McAfee says Governments and allied groups worldwide are using the Internet to spy and launch cyberattacks on their enemies, targeting critical systems including electricity, air traffic control, financial markets and government computer networks. Network World, 11/29/07. Google looks for help finding malicious Web sites Google is asking everyday Web surfers to help with its efforts to stamp out malicious Web sites. The company has created an online form designed to make it easy for people to report sites they suspect of hosting malicious code. IDG News Service, 11/30/07. Insider charged with hacking California canal system A former employee of a small California canal system has been charged with installing unauthorized software and damaging the computer used to divert water from the Sacramento River. IDG News Service, 11/29/07. Honor among thieves? The Mpack and IcePack exploit packages have been on sale for some time. Now, free releases of these tools are being distributed, but are these free distributions all they are supposed to be? While examining these free releases we discovered some surprises. Symantec Security Response blog, 11/30/07. Exploit for Apple QuickTime Vulnerability in the Wild On November 25, we blogged about a proof of concept exploit code for Apple's QuickTime RTSP Response Header Remote Stack Based Buffer Overflow Vulnerability being disclosed to the public. Now a week has passed and Symantec's DeepSight honeynet has spotted at least one active exploitation in the wild. Symantec Security Response blog, 12/01/07. US-CERT advisory: Apple QuickTime RTSP Buffer Overflow Police raid botmaster blamed for 1 million infections Police have raided the home of the alleged ringleader of an international group of cybercriminals said to be responsible for infecting more than one million computers. IDG News Service, 11/29/07. HOLIDAY GIFT GUIDE Find the very best tech holiday gift ideas. '07 ENTERPRISE ALL-STARS Honoring outstanding technology projects. SPONSORED BY WORKSHARE STOP Data Leak Compliance Violations Webcast Is your organization at risk of data leaks and intellectual property theft? Learn how today's organizations are reducing risk! Eliminate compliance violations by blocking visible data, strengthen compliance control by monitoring and enforcing policies, and control policies enterprise-wide using a single, centralized management console. Click here to view now! Get Expert Directory and Identity Training at DEC 2008 Join NetPro, Microsoft and the world's top directory and identity experts for the Seventh Annual Directory Experts Conference (DEC) 2008, the only conference for expert training on Microsoft directory and identity technologies. DEC 2008 runs March 2-5, 2008, at the Hilton Chicago. Register today at: http://www.dec2008.com Featured reader resource 90% of IT Managers are leaving their company at risk for a DNS ATTACK. Get the tools and resources you need to keep your DNS healthy and secure. Run a DNSreport on your domain today - 56 critical tests run in 8 seconds. Visit www.dnsreport.com to learn more. (apply coupon NWW2007NLA for a 25% membership discount)   12/03/07 TODAY'S MOST-READ STORIES: Open source's future FBI 'Bot Roast II Cisco confirms ability to eavesdrop 3.3 billion mobile accounts 2007 Cool Yule Tools Gift Guide Sun bullies open source project owner Teleworkers called back to cubicle life Boeing, USAF show off bomb firing tech Fast Windows fixes Which certifications are worth your time? MOST POPULAR SLIDESHOW: Networkiest TV characters Executive Guide The Security Treadmill This Executive Guide offers interviews with leading, real-world security experts who tell you how to get inside users' heads, fight for a bigger security budget, and whether VoIP security issues are overstated or underrated, and much more. Review this informative guide today. Click Here for More Information IT Buyer's Guides Compare products, get advice, and check out tests and reviews from the experts at Network World. Over 70 categories. Visit now.   To continue receiving NetworkWorld's Security: Threat Alert newsletter, please add @nwfnews.com to your white list. COMPLIMENTARY SUBSCRIPTIONS AVAILABLE As a NW newsletter subscriber you are eligible to receive 50 issues of Network World Magazine, in print or electronic format, free of charge. Sign up for your subscription today: Apply here. International subscribers,click here.   SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here. Terms of Service/Privacy Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 Copyright Network World, Inc., 2007