Communicator 4.73 Allegedly Fills Security Holes
Communicator 4.73 Allegedly Fills Security Holes — Netscape has released Netscape Communicator 4.73, which, according to Netscape engineer Steve Dagley, addresses two security problems: the JavaScript Cookie Exploit and the Acros-Suencksen SSL Vulnerability briefly documented on the Netscape Security Notes page. There are no other changes from the 4.72 release. Unfortunately, Netscape’s information about the update is spotty; although the ReadMe file in the installer helpfully points to Netscape’s Security Notes page, that page has not yet been updated. Further, using Communicator’s SmartUpdate feature reported incorrectly that my 4.72 version was the latest one available, and an update wasn’t needed. If you want to upgrade, you can download a 13 MB installer for Netscape 4.73, which also includes AOL Instant Messenger 3.0N (an outdated version), StuffIt Expander 4.5 (really outdated), and RealPlayer 5.0.2 (yes, outdated). Kudos to Netscape for addressing these security concerns; now if only they could put some effort into keeping their Web site and installers up to date. [JLC]
<http://home.netscape.com/security/notes/>
<http://www.netscape.com/computing/download/>