Paul B. Gallagher wrote:
Yesterday, I wrote:
ZDNet says Mozilla products (recent ones, anyway) are safe from the
latest[FN] SSL/TLS security hole:
<http://www.zdnet.com/article/how-to-protect-yourself-against-freak/>
Of course, systems that also use other software are still vulnerable.
For example, even though my SM 2.32.1 passed the test, my fully patched
IE 11 is still vulnerable until I fix it.
--------------------
[FN]--By "latest," I mean "the most recently discovered," not "the most
recently created." This one apparently goes back decades.
Ironically, the group policy workaround described in the ZDNet article
(copied from an M$ security advisory) fixes Internet Exploiter, but
breaks Windows Update. So in order to detect and apply Micro$oft's
forthcoming patch (whenever that may be), you have to remain vulnerable.
Alternatively, you can periodically disable the workaround, restart,
check for updates, reenable the workaround, and restart.
Can you not still use Belarc Advisor to check on security patches? That
used to work. All you had to do was get the latest version and run it,
then follow the links to get the patches.
_______________________________________________
support-seamonkey mailing list
[email protected]
https://lists.mozilla.org/listinfo/support-seamonkey
