Firefox Version 23 Introduces "Mixed Content" Blocking

Recently Firefox version 23 introduced blocking of “Mixed Content,” something Google Chrome rolled out last fall.  “Mixed content” is when information from a non-secure site (without a security certificate–and uses “http” in the URL rather than “https”) is displayed on a webpage on a secure server, within a learning management system for example.  The video below shows how to allow that content to display in FireFox.  Unlike Chrome, however, the approval is on a page-by-page basis rather than approving the entire site.  That means each page that loads with mixed content needs to be approved.

This content blocking often has peculiar indicators.  If a video is being blocked, it could display a warning that there is an issue with Adobe Flash.  While there could be an issue with Flash, check to see if the content is being blocked as indicated in this video, especially if you have recently updated your flash player.

Desire2Learn users should follow this best practice post to avoid having this happen to content in their courses.

Internet Explorer Security Vulnerability for Versions 6, 7, and 8

Microsoft announced on its blog on December 29, 2012, that there was a security vulnerability with Internet Explorer 8 that could allow remote code to be executed by computers using IE 8 if a website with malicious code installed is visited.  The Los Angeles Times reported that the website for Washington, DC, based think tank Council on Foreign Relations had the malicious code on its site as early as December 21st and was infecting all affected computers that visited the site since that time.

The security advisory referenced in the blog post is #2794220.  That advisory indicates that IE 6 and IE 7 are also vulnerable to these attacks, but versions 9 and 10 are not because they do not contain the same lines of code that created the vulnerability.  However, neither of these version are an option for those using Windows XP.

On December 31, 2012, Microsoft posted two Microsoft “Fix it” patches.  The page contains information on how to install these patches on computers running one of the affected versions of Internet Explorer.

If you are using Internet Explorer versions 6, 7, or 8, you need to install the patches provided to block the security vulnerability if you cannot upgrade to IE 9 or 10 (not an option for Windows XP users).  You can determine which version of Internet Explorer you are using by clicking on the “Help” menu or Help icon and select “About Internet  Explorer.”




Chrome Version 21 Blocking Mixed Media Content

Chrome version 21 started blocking mixed media content.  What that means is that on a secure website–one using a secure certificate and that has “https” in the URL–Chrome browser will block any content that loads on a page from that website that comes from a site without a certificate (and no “s” after the “http” in the URL).  The video below show how to have that content displayed on the page by telling Chrome to allow content from that site to load.

the full post is here.