Netscape: the one after 4.04


It's been so long since Netscape updated its Communicator Internet suite (several months!), it was starting to look like they'd finally broken the dot-release addiction. But no.

Habitual browser downloaders keen for a fix can jump on Version 4.05 and its comforting dose of security patches and bug fixes. The most important patch closes the Preferences security hole. That flaw allows malicious Web site operators to read your prefs.js file, which contains sensitive information such as your mail account name and password. As with browser security holes, this one is mostly theoretical ù an unethical hacker could use the information to read your mail or masquerade as you, but so far, no such attack has been reported. Netscape says Communicator 4.05 also speeds up Java performance and includes a new utility for importing folders, messages, address books, and settings from Eudora.

To update your browser, launch Communicator and choose HelpûSoftware Updates. You can also download one of the four different product configurations (Basic, Complete, Professional, or Navigator Standalone) from Netscape's FTP server at ftp.netscape.com/pub/communicator/4.05/shipping
/english/windows/windows95_or_nt/
. For more details on the improvements in Communicator 4.05 (including unresolved issues), see home.netscape.com/eng/mozilla/4.0/relnotes
/windows-4.0.html#Whats New
.

Meanwhile, Microsoft has posted another security fix to its Internet Explorer 4.0 and 4.01 browsers. Like earlier buffer-overrun security holes reported here, the "embed" flaw could allow unscrupulous Web page authors to crash your system or execute programs on your machine. Find details and a patch at www.microsoft.com/ie/security/?/ie/security/embed.htm.

û Scott Spanbauer


Category:Bugs and fixes
Issue: July 1998

These Web pages are produced by Australian PC World © 1998 IDG Communications