WordPress blog software has been updated to the 2.6 version. This latest release fixes about 194 bug fixes and a major security-related change to disable remote publishing protocols by default along with new functions such as SSL support, new Atom Publishing Protocol and the variety of XML-RPC protocols by default to shut down a potential security risk. If you manage a WordPress blog, this should be considered an important update.

Opera has released new update for Opera browser v9.51. This update fixes couple of security vulnerabilities and some stability issues. One of the fixed issues includes arbitrary code execution but the exploit has not been published yet. All Opera users can update their browser from http://www.opera.com/download/ location.

For the folks who still didn’t switched to the Firefox 3, the Mozilla Foundation has just released Firefox 2.0.0.16 which fixes two critical security vulnerabilities, command-line URLs launch multiple tabs when Firefox not running and remote code execution by overflowing CSS reference counter. As security advisers reports the last vulnerability affects the Thunderbird users too. The Firefox 2 will still be supported only until December, so all users are advised for upgrade to Firefox 3.

OpenOffice.org developers are shipped new fix for highly critical vulnerability that affects versions 2.0 to 2.4 of OpenOffice suite. According to the report the flaw could be exploited to launch code execution attacks with manipulated document files and lead to heap overflows and allow a remote unprivileged user who provides a OpenOffice.org document that is opened by a local user to execute arbitrary commands on the system with the privileges of the user running OpenOffice.org.

topBadware.org coalition under Google support has called Apple to review the “carpet bomb” issue in the Safari browser. Nitesh Dhanjani has discovered that in Safari browser on Windows hackers can install suspicious software via booby-trapped Web sites. This can happen because the Safari browser cannot be configured to obtain the user’s permission before it downloads a resource. Safari downloads the resource without the user’s consent and places it in a default location, stated Dhanjani.

According to several sources some of the users of latest Windows XP Service Pack 3 have problems causing blue screen at AMD based systems. Microsoft and HP stated that the problem might be around the Power Management feature. HP has posted a work around that has you go boot into Safe Mode and disable the Intel Power Management.

Mozilla developers have announced that they have stopped the changes to the first release candidate of Firefox 3.0 and is working to get that build to users by the end of the month. As Mike Schroepfer, Mozilla’s vice president of engineering stated they are ready to launch Firefox 3 Release Candidate 1 (RC1) by the end of May. Since RC1 passed many beta stages it is possible that it will be the only release candidate but unveiling of possible bugs and flaws will continue development of new Release Candidates until they are ready for final shipment. Mozilla issued three release candidates in the run-up to the final code of Firefox 2.0, and Schroepfer said that he expected Firefox 3.0 to follow that same pattern.

Mozilla team has noticed that a Vietnamese language pack for Firefox 2 is carrying malware. As Mozilla security chief Window Snyder wrote Vietnamese language pack for Firefox 2 contains inserted code to load remote content resulting with virus infection. Everyone who downloaded the Vietnamese language pack from February 18, 2008 got an infected copy. So, if you downloaded that particular language pack run immediate virus check of your computer.

A security thinktank says it has found a vulnerability in Apple’s QuickTime multimedia player that can be exploited remotely to compromise Windows Vista PCs upgraded to Service Pack 1, as well as XP SP2. From the informations at GNUCitizen’s blog, the exploit involves a maliciously crafted media file. When a user opens the file, which can be hosted on a website, the vulnerability in QuickTime allows the hacker to take complete control of the machine, according to Petko D. Petkov. Mr Petkov stated that it is reasonably to believe that anyone knows how to exploit this vulnerability since he didn’t shared the details with anyone, and the actual vulnerability is different enough to be rather challenging for even some of the most gifted hackers out there.The Apple is notified about this issue and did not stated any official comments.

Last week Mozilla and Apple has released new fresh updates of their browsers. Mozilla Firefox 2.0.0.14 patches the security problems in the JavaScript engine described in previous Firefox release, where some users experienced crashes during JavaScript garbage collection. On the other hand Apple updated Safari to 3.1.1 and patched several security issues concerning a maliciously crafted website may control the contents of the address bar and visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution among many. It is recommended to updated your favorite browsers as soon as possible.