Tag Archives: Chrome

Chrome OS automatic updates may not be available for older devices

Google’s Chrome OS is a secure choice for an operating system, but older devices may no longer be supported.  When a Chrome device reaches its Auto Update Expiration (AUE) date, automatic updates from Google will no longer be provided.

IFixit has instructions on how to convert a working Chromebook past its expiration date to use CloudReady.

Secure HTTPS websites for free using Let’s Encrypt

Google Chrome will display all non-HTTPS sites as “not secure” with the release of version 68 in July 2018HTTPS websites will also be ranked slightly higher in Google searches when compared to HTTP sites.

Let’s Encrypt is a free certificate authority that can be used to create HTTPS websites.  This project is managed by the non-profit Internet Security Research Group (ISRG).   Let’s Encrypt works well for low and medium traffic websites.  Websites that experience a great deal of web traffic or need warranty coverage should consider a paid certificate authority.  Let’s Encrypt certificates also expire every 90 days and have to be renewed.

Certbot is a free tool made by the Electronic Frontier Foundation (EFF)  in order to automatically use Let’s Encrypt certificates on manually-administrated websites to enable HTTPS.

More information is available at:

Meltdown and Spectre security flaws forces tech companies to release updates

Two recently detected security flaws currently named “Meltdown” and “Spectre” are causing Apple, Microsoft, Google, Intel, and others to release security updates to fix any potential problem.  The flaws potentially affect all recent computers, smartphones, and tablets that use a CPU performance feature called speculative execution.  There is no evidence that the flaws have been exploited at this time.  The general recommendation is to download updates for all devices.

Current Apple products may have the security flaws with the exception of the Apple Watch.  Apple is continuing to work on updates and released a statement at https://support.apple.com/en-us/HT208394.

Microsoft issued guidance for Windows users, SQL Server, Windows Server, and has updated most of its Azure infrastructure and will continue to do so.  Security update KB4056890 also updates Internet Explorer and Edge browsers.   Microsoft also issued update KB4056892 for various Windows versions but notes that some AMD processor machines to stop working after installing it.

Google recommended that Chrome users should turn on site isolation.  Google also responded with these blog posts:
https://support.google.com/faqs/answer/7622138
https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html

Mozilla is working on updates and a fix is available in Firefox 57.0.4 version.

Amazon has updated its servers already and will continue to do so.

Intel released a statement as well and is releasing updates.  It also reported some systems rebooted more frequently after the updatesAMD also released a statement on their CPUs and speculative execution.

Oracle issued updates for MySQL, Java, PeopleSoft and other products that it maintains.

The CERT Vulnerability Notes Database has logged this issue as Vulnerability Note VU#584653.

eWeek reported that Linux 4.15 was released with Meltdown and Spectre patches and that further patches would be made for this issue.

More information can be found at https://spectreattack.com.

How to disable Video Autoplay in Mozilla Firefox Browser

Follow these steps to disable nearly all video playbacks in Firefox.

To disable non-Flash Player video:

Type this into web address and press Enter: about:config

Click the “I accept the risk” button when this warning appears.

firefoxaboutconfigwarning

Right-click on the following lines under media prefixes to set the value to False:

firefoxaboutconfigmediaautoplay

media.autoplay.enabled
media.directshow.enabled
media.eme.enabled
media.encoder.webm.enabled
media.ffvpx.enabled
media.gmp-eme-adobe.enabled
media.gmp-widevinecdm.enabled
media.mediasource.enabled
media.mediasource.mp4.enabled
media.mediasource.webm.enabled
media.mp4.enabled
media.navigator.enabled
media.ogg.enabled
media.peerconnection.enabled
media.peerconnection.video.enabled
media.play-stand-alone
media.raw.enabled
media.wave.decoder.enabled
media.wave.enabled
media.webm.intel_decoder.enabled
media.webvtt.enabled
media.wmf.enabled

To disable Adobe Shockwave Flash video, click the “Open Menu” button at the top right part of the screen, then select “Add-ons”.

firefoxaddons

Select “Plug-ins”, then change the Shockwave Flash setting to “Ask to Activate” or “Never Activate.”

firefoxflashasktoactivate

Non-Flash video playback can be disabled in the Chrome browser by installing a free add-on such as Disable HTML5 Autoplay.

To see all Firefox About menus, type this into the web address and press Enter: about:about

Fake Adobe Flash update installs Ransomware

Adobe Systems has issued an emergency security update for its Adobe Flash Player.  This applies to Windows, Mac, Linux, and Chrome operating systems.

Symantec has identified the downloaded filenames as flash_player_updater.exe or update_flash_player.exe. (Downloader.Ponik).  The virus is classified as Trojan.Ransomlock.Q if the fake update is downloaded and installed.

Users should only install Flash updates from https://get.adobe.com/flashplayer/

More information is at:
https://helpx.adobe.com/security/products/flash-player/apsb16-10.html

 

Windows 10 upgrade may set Microsoft Edge as Default Browser

PC users who upgrade to Windows 10 may find that Chrome or Firefox is no longer the default web browser.

To set Mozilla FireFox as the Windows 10 default web browser, follow these instructions:
https://support.mozilla.org/en-US/kb/how-change-your-default-browser-windows-10

Some general instructions on how to set Google Chrome as the default Windows browser:
https://support.google.com/chrome/answer/95417?hl=en