We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
2,862 Tutorials

Bugs and Fixes: updates to Windows iTunes, Java, and Internet Explorer

A fix stops Java from disabling itself, and iTunes for Windows and Internet Explorer get some security tweaks.

Update, update, update: Form that habit now, if you haven't already, to keep up with security fixes. The latest include the usual tweaks to fend off malicious attacks, and a fix to Java that should prevent it from disabling itself constantly. That would be nice.

Apple updates Windows iTunes to 11.1.2

The 11.1.2 version of iTunes for Windows (10/22/2013) fixes several potential security issues. The program could be crashed if someone of sufficiently evil intent exploited memory access flaws in the handling of text tracks.

A bug related to WebKit memory corruption issues could allow nefarious beings to insert themselves between iTunes and the iTunes store. It has also been addressed with this update.

Finally, Apple has updated its usage of libxml and libxslt to 2.9.0 and 1.1.28, respectively, to ward off potential tampering that could cause unexpected program shutdowns or the running of malicious code.

Java's Slew of Fixes

If you've be tracking your browser's add-ons or extensions recently, you may have noticed that Java has been disabled with alarming regularity recently (if you've forgone the automated Java updates). Hopefully Java 7 update 45 (7u45) will lessen the onslaught of disablement with its whopping 51 fixes, all part of Oracle's latest Critical Patch Update released on 10/13/2013 (no, it wasn't a Friday). There are protections against code redistribution, and a warning if an application is started in an unexpected location, just to name two.

Apple issued its own update, but it's probably time to move to Oracle's plug-in if you're a Mac user.

Cumulative Security Update for Internet Explorer (2879017)

If you don't have automatic updates enabled for Internet Explorer, you might want to grab this one, which was made available on 10/8/2013 for every version of IE since 6. It addresses a number of security flaws, including one that "could allow remote code execution if a user views a specially crafted webpage...". Not only that, attackers could gain local administrative rights and play havoc with your PC in any way they see fit.

2879017 is a must-have, as is any security fix that's been publicized. There are always bad guys waiting to prey on laggards. If you have automatic updates enabled, you probably already have it.

IDG UK Sites

Microsoft launches Office for Android: Check the system requirements first

IDG UK Sites

8 reasons you should start a blog

IDG UK Sites

Do we need to fight the government again over design and art education?

IDG UK Sites

Apple Watch release date & UK price rumours: Watch 'not confirmed' for April release in UK says...