Google to patch Android credentials vulnerability

By on May 18, 2011 at 2:29 PM.

Google to patch Android credentials vulnerability

Well that didn’t take long. Yesterday, we told you about an Android vulnerability found in ClientLogin that could have serious security ramifications. Using a dummy open access-point, a nefarious third party could passively — via Wi-Fi — collect authentication tokens to password protected services such as Facebook, Twitter, and Google Calendar stored on affected Android devices. Speaking with Mobilized’s Ina Fried, the Android-maker has stated that it is taking action, and fast. “Today we’re starting to roll out a fix which addresses a potential security flaw that could, under certain circumstances, allow a third party access to data available in calendar and contacts,” Google told the publication. “This fix requires no action from users and will roll out globally over the next few days.” The vulnerability will still be present in the company’s Picasa online photo offering, but Google stated that it is working to patch that service as well.

More →

25 Comments

Nintendo 3DS eShop and browser landing on June 6th

By on May 12, 2011 at 11:27 PM.

Nintendo 3DS eShop and browser landing on June 6th

Nintendo will launch the 3DS web browser and eShop on June 6th during the E3 game tradeshow in Los Angeles. A post on Nintendo’s website confirms: “The Nintendo eShop will be enabled through a system update which has been announced for the evening of June 6, 2011. We’ll have more information for you after this update becomes available.” The eShop should allow 3DS users to download extra game content directly to their devices, although it’s unclear what else will be available at launch. Nintendo has said that a Netflix client is in the works, so our fingers are crossed that it’s part of the package, too. We reviewed the Nintendo 3DS in early April and the lack of an eShop, Netflix, and web browser, were some of our biggest gripes with the device. More →

2 Comments

Google working with partners on Android fragmentation issue

By on May 10, 2011 at 4:47 PM.

Google working with partners on Android fragmentation issue

During Google I/O today, the company announced that it’s working with its partners – including AT&T, HTC, LG, Motorola, Samsung, Sony Ericsson, Sprint, T-Mobile, and Verizon Wireless — on getting new Android updates to users faster and on curtailing Android fragmentation. As part of the same effort, if your hardware supports it, Google and its partners will guarantee that your phone gets the latest Android iteration for at least 18 months after the device hits the market. That should mean that end users won’t have to sit around for months, or years, to find out that the hottest version of Android will never be available for their devices. Google hasn’t clarified if this begins now with Android 2.3 (we doubt it), or if it starts with Ice Cream Sandwich. For now, Google just admits that it’s a “logistic problem,” and it’s unclear how long it will take for Google’s partners to actually get the updates out the door. It sounds like Google has its head in the right place but it doesn’t seem like the company has fleshed out how it can deliver on these promises yet. We just hope that it won’t involve too many compromises.

38 Comments

Verizon to issue HTC ThunderBolt update on May 3rd

By on May 2, 2011 at 1:46 PM.

Verizon to issue HTC ThunderBolt update on May 3rd

Verizon Wireless has announced that it will issue a software update for the HTC ThunderBolt on May 3rd. The update will enhance the connectivity to Verizon’s 3G network – when a 4G signal isn’t available, of course – and will also fix some email and SMS bugs so that messages are stored properly in your inbox. Verizon also said that, after the patch is applied, the Backup Assistant application will display properly in the applications menu. Other fixes include faster loading of GPS updates and stability improvements for Facebook, KAYAK, Yahoo! Mail, My Verizon, and others. Unfortunately, the update doesn’t appear to offer any improvements to the ThunderBolt’s notoriously bad battery life. More →

38 Comments

Motorola DROID Pro software update now available

By on April 26, 2011 at 12:39 AM.

Motorola DROID Pro software update now available

Motorola has announced that there is a new software update available for the Verizon Wireless DROID Pro. Unfortunately the patch will not update your DROID Pro to Android 2.3 (Gingerbread), but it should reduce the frequency of UI lockups, offer improved audio during calls, and the following fixes:

  • Improved audio on voice calls.
  • Improved stability and performance.
  • User interface display now refreshes when user switches from GSM/UMTS communication to Global Mode.
  • Device now prepends 011 to Country Code to send SMS messages.
  • Global Mode no longer resets when connecting to a USB charger.
  • Visual Voice Mail now detects airplane mode while Wi-Fi is active.
  • Prompt return to full screen brightness after wake-up.
  • Upgraded Bluetooth firmware.
  • Improved interoperability with Microsoft Internet Application Gateway (IAG) configurations.
  • Device string format for Exchange changed to include device name and version number.
  • Upgrade to Google applications Release 7

For more information on the software update, hit up Verizon Wireless’ support forums located at http://www.verizonwireless.com/droidprosupport. More →

10 Comments

Barnes & Noble NOOK Color updated with Android 2.2, NOOK Apps

By on April 25, 2011 at 5:32 PM.

Barnes & Noble NOOK Color updated with Android 2.2, NOOK Apps

On Monday, Barnes & Noble announced that it will be updating the NOOK Color eReader with Android 2.2 (Froyo) and a number of other enhancements. The software patch — which will deliver Adobe Flash Player support – adds a NOOK Friends beta social network for sharing books, 15 new NOOK Kids Read and Play books, NOOK Email, NOOK Books Enhanced with embedded video and audio, and NOOK Newsstand for quick access to magazines and newspapers. A new NOOK Apps store will provide access to more than 125 applications, many of which are free or are priced below the $2.99 price point. The update, officially known as NOOK Color v1.2, is available now for free. NOOK Color owners can visit http://www.nookcolor.com/update to apply it now, or you can wait for an over-the-air update to roll out over the coming weeks. Hit the jump for the full press release. More →

14 Comments

Skype patches Android client weakness; adds 3G calling

By on April 20, 2011 at 7:28 AM.

Skype patches Android client weakness; adds 3G calling

Last week, we told you about a weakness discovered in Skype’s Android client. The issue stemmed from a combination of incorrect file permissions and lack of encryption usage on the database files used to store contact information, chat history, and more. The company has gone ahead and updated said client, and as an added bonus has included the ability to make VoIP calls via your phone’s 3G data connection. “Calling over your 3G connection is available worldwide – now including the US,” reads the post. We can’t see any reason not to mosey on over to the Android Market and update to the latest version of Skype. The scannable QR code is after the jump. More →

7 Comments

Apple updates iTunes with fixes for iPad, iPod, and iPhone

By on April 18, 2011 at 8:39 PM.

Apple updates iTunes with fixes for iPad, iPod, and iPhone

Apple has updated iTunes to version 10.2.2, which should fix several errors that have caused iPads to lock up during sync. The update also applies stability and performance improvements and fixes a bug that has caused iPhones, iPads, and iPod touch units to sync for longer than is necessary. Apple also said iTunes 10.2.2 will fix skipping issues that occur during video previews in the iTunes Store. Users should be prompted to install the latest version of iTunes upon program launch. More →

3 Comments

Motorola ATRIX 4G 4.1.57 update available, no AT&T HSUPA support yet

By on March 28, 2011 at 2:27 PM.

Motorola ATRIX 4G 4.1.57 update available, no AT&T HSUPA support yet

Software version 4.1.57 for the Motorola ATRIX 4G is now available. The 17MB file, issued by Motorola, adds a number of improvements but is not the expected AT&T update that includes HSUPA support. After downloading the update, Motorola says users should notice the following changes:

  • Bluetooth: Improved multimedia experience with Bluetooth devices as well as the ability to use phone with additional headsets.
  • Fingerprint reader: Improved fingerprint reader performance.
  • Battery: Improved battery performance for longer battery life.
  • Screen: Display will turn off automatically now while charging directly on wall charger.
  • Phone stability: Improved stability resulting in fewer occurrences of touch unresponsiveness and/of programs quitting unexpectedly.
  • Car dock: Improved performance of car dock and 3.5mm jack.

It’s been reported that the update may cause some issues with those who have rooted their phones. AT&T has said that the upcoming HSUPA software update, which should ratchet up upload speeds on the ATRIX 4G and Inspire 4G, will land in April. Hit the jump for instructions on installing software version 4.1.57 on your ATRIX 4G.

More →

27 Comments

Mozilla patches 13 security holes in Firefox 3.5, 3.6

By on December 11, 2010 at 5:05 AM.

Mozilla patches 13 security holes in Firefox 3.5, 3.6

Earlier this week, the Mozilla organization released updated versions of its 3.5 and 3.6 Firefox Web browsers. The updated bits patched 13 vulnerabilities found in the code-base, and 11 of the aforementioned security issues were listed as “critical” by the company. The vulnerabilities ranged from buffer and integer overflows to SSL spoofing. If you’re using Firefox 3.5 or 3.6 be sure to click the “Check for Updates” link under the “Help” menu to grab the latest and greatest from Mozilla. More →

10 Comments

Adobe warns of zero-day Flash, Reader vulnerability; Windows, Mac, Linux, Solaris, Android affected

By on October 28, 2010 at 5:58 PM.

Adobe warns of zero-day Flash, Reader vulnerability; Windows, Mac, Linux, Solaris, Android affected

Adobe released a security bulletin today warning of a critical, zero-day vulnerability in their Reader and Flash Player software. The bulletin notes that an unpactched system could “crash [your system] and potentially allow an attacker to take control of the affected system.” The vulnerability is affecting:

  • Adobe Flash Player 10.1.85.3 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems
  • Adobe Flash Player 10.1.95.2 and earlier for Android
  • Adobe Reader 9.4 and earlier 9.x versions for Windows, Macintosh and UNIX
  • Adobe Acrobat 9.4 and earlier 9.x versions for Windows and Macintosh
  • Adobe Reader and Acrobat 8.x are confirmed not vulnerable. Adobe Reader for Android is not affected by this issue.

Adobe is promising an update to fix the issue by November 9. Hit the read link to read more and for mitigation instructions for your specific platform. More →

66 Comments

HTC EVO 4G getting update to address Gmail and calendar issues

By on September 22, 2010 at 2:02 PM.

HTC EVO 4G getting update to address Gmail and calendar issues

A quick note on Sprint’s support site indicates that the HTC EVO 4G will be getting a small software update sometime in the near future. The update lists “calendar event edit issues” and “multiple Gmail account sync” as the two problems it is designed to address. The version number is also listed at 3.29.651.5. You can check for the update by navigating to Settings > System Updates > HTC software update on your EVO 4G. More →

23 Comments

Twitter patches onMouseOver vulnerability

By on September 21, 2010 at 10:42 AM.

Twitter patches onMouseOver vulnerability

Well that didn’t take long. Twitter hath just tweeted that they have identified and patched the JavaScript, onMouseOver, cross-site-scripting vulnerability that had been running amuck on its website this morning. It is once again safe to use twitter.com to let your fake friends know what you are eating, thinking, and doing.

UPDATE: Bob Lord, Twitter’s security chief, has put up an official blog post explaining exactly what happened this morning. You can read that article here. More →

2 Comments