Browser Update Notice November 2012

Last Updated: 11/30/2012

Security Notice Level

SEVERE

In the past month Mozilla, Apple and Google released updated versions of their respective browsers and email software. Vulnerabilities addressed include execution of arbitrary code, denial-of-service conditions, bypassing security restrictions, operating with escalated privileges, and performing cross-site scripting attacks.

The IT Security office advises users restart their browsers to facilitate updating.

Affected software:

Apple Safari prior to version 6.0.2
Versions of Firefox prior to version 17
Versions of Thunderbird prior to version 17
Versions of Firefox ESR prior to version 10.0.11
Versions of Thunderbird ESR prior to version 10.0.11
Versions of SeaMonkey prior to version 2.14
Versions of Google Chrome prior to version 23.0.1271.95

Security bulletin names:

Stable Channel Update
Security Advisories for Firefox ESR
Security Advisories for Firefox
Security Advisories for Thunderbird
Security Advisories for Thunderbird ESR
Security Advisories for SeaMonkey
APPLE-SA-2012-11-01-2 Safari 6.0.2

Affected Software

Additional Information

Additional information about this vulnerability can be viewed at:

http://prod.lists.apple.com/archives/security-announce/2012/Nov/msg00001.html
http://www.mozilla.org/security/known-vulnerabilities/firefox.html

http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html

http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html

http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html

http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html

http://googlechromereleases.blogspot.com/2012/11/stable-channel-update_29.html

If you have any questions, please contact the IT Service Center at 303-735-4357 (or 5-HELP from an on-campus phone) or help@colorado.edu. Email and phone help is available Mondays through Thursdays, 7:00 a.m. to 10:00 p.m.; Fridays 7:00 a.m. to 7:00 p.m.; and Saturdays and Sundays, noon to 6:00 p.m.