Google’s Chrome OS is a secure choice for an operating system, but older devices may no longer be supported. When a Chrome device reaches its Auto Update Expiration (AUE) date, automatic updates from Google will no longer be provided.
Google has requested that its Chrome browser be updated as soon as possible due to a security vulnerability logged as CVE-2019-5786. Users should make certain that the installed Chrome version is 72.0.3626.121 or higher.
Google Chrome will display all non-HTTPS sites as “not secure” with the release of version 68 in July 2018. HTTPS websites will also be ranked slightly higher in Google searches when compared to HTTP sites.
Let’s Encrypt is a free certificate authority that can be used to create HTTPS websites. This project is managed by the non-profit Internet Security Research Group (ISRG). Let’s Encrypt works well for low and medium traffic websites. Websites that experience a great deal of web traffic or need warranty coverage should consider a paid certificate authority. Let’s Encrypt certificates also expire every 90 days and have to be renewed.
More information is available at:
Google Chrome Remote Desktop is an app that allows users to access remote computers through the Chrome browser or the Chromebook operating system using a secure connection. This app is free and runs on multiple platforms, including Windows, Mac, and Linux.
Extensions for the Microsoft Visual Studio suite of products can be found at marketplace.visualstudio.com. Extensions add support for languages not included in Visual Studio, aid in IDE development, or perform a specific task.
Some current popular extensions are:
- Developer Analytics Tools
- PowerShell (replaces PowerShell ISE)
- SQL Server, Azure SQL and SQL Data Warehouse (mssql)
- C# and C/C++
- Deploy to Azure
- Chrome Debugger
- Oracle Developer Tools for Visual Studio Code
- Go language for Visual Studio Code
- PostgreSQL for Visual Studio Code
- Visual Studio IntelliCode (productivity features for Python and Java)
- Visual Studio Live Share
- Visual Studio Pull Requests
- Visual Studio Code Remote for WSL, SSH and Docker containers
- Java Language Support (Red Hat)
- All Microsoft Visual Studio Extensions
Extensions can be free, preview, or paid. Paid extensions are often charged per user per month. Preview extensions are eventually converted to paid extensions. Extensions are either written by Microsoft, third party vendors, or individual developers.
More information can be found at code.visualstudio.com/docs/extensions/overview.
Two recently detected security flaws currently named “Meltdown” and “Spectre” are causing Apple, Microsoft, Google, Intel, and others to release security updates to fix any potential problem. The flaws potentially affect all recent computers, smartphones, and tablets that use a CPU performance feature called speculative execution. There is no evidence that the flaws have been exploited at this time. The general recommendation is to download updates for all devices.
Current Apple products may have the security flaws with the exception of the Apple Watch. Apple is continuing to work on updates and released a statement at https://support.apple.com/en-us/HT208394.
Microsoft issued guidance for Windows users, SQL Server, Windows Server, and has updated most of its Azure infrastructure and will continue to do so. Security update KB4056890 also updates Internet Explorer and Edge browsers. Microsoft also issued update KB4056892 for various Windows versions but notes that some AMD processor machines to stop working after installing it.
Google recommended that Chrome users should turn on site isolation. Google also responded with these blog posts:
Intel released a statement as well and is releasing updates. It also reported some systems rebooted more frequently after the updates. AMD also released a statement on their CPUs and speculative execution.
Oracle issued updates for MySQL, Java, PeopleSoft and other products that it maintains.
eWeek reported that Linux 4.15 was released with Meltdown and Spectre patches and that further patches would be made for this issue.
More information can be found at https://spectreattack.com.
Follow these steps to disable nearly all video playbacks in Firefox.
To disable non-Flash Player video:
Type this into web address and press Enter: about:config
Click the “I accept the risk” button when this warning appears.
Right-click on the following lines under media prefixes to set the value to False:
To disable Adobe Shockwave Flash video, click the “Open Menu” button at the top right part of the screen, then select “Add-ons”.
Select “Plug-ins”, then change the Shockwave Flash setting to “Ask to Activate” or “Never Activate.”
Non-Flash video playback can be disabled in the Chrome browser by installing a free add-on such as Disable HTML5 Autoplay.
To see all Firefox About menus, type this into the web address and press Enter: about:about
Adobe Systems has issued an emergency security update for its Adobe Flash Player. This applies to Windows, Mac, Linux, and Chrome operating systems.
Symantec has identified the downloaded filenames as flash_player_updater.exe or update_flash_player.exe. (Downloader.Ponik). The virus is classified as Trojan.Ransomlock.Q if the fake update is downloaded and installed.
Users should only install Flash updates from https://get.adobe.com/flashplayer/
More information is at:
PC users who upgrade to Windows 10 may find that Chrome or Firefox is no longer the default web browser.
To set Mozilla FireFox as the Windows 10 default web browser, follow these instructions:
Some general instructions on how to set Google Chrome as the default Windows browser: