News briefs for August 29, 2018.
Mozilla posted the results of its planned Firefox nightly experiment involving secure DNS via the DNS over HTTPS (DoH) protocol. The experiment focused on two questions: "Does the use of a cloud DNS service perform well enough to replace traditional DNS?" and "Does the use of a cloud DNS service create additional connection errors?" See the Mozilla Blog for details.
The EFF yesterday posted its Back to School Essentials for Security—great tips whether or not you're currently a student.
HHVM 3.28 was released yesterday. This new release of the open-source virtual machine for executing programs written in Hack and PHP "contains new language features, bugfixes, performance improvements, and improvements to the debugger and editor/IDE support."
Oracle Solaris 11.4 has been released. Scott Lynn, Director of Product Management, Oracle Linux and Oracle Solaris, writes "There have been 175 development builds to get us to Oracle Solaris 11.4. We've tested Oracle Solaris 11.4 for more than 30 million machine hours. Over 50 customers have already put Oracle Solaris 11.4 into production and it already has more than 3000 applications certified to run on it. Oracle Solaris 11.4 is the first and, currently, the only operating system that has completed UNIX V7 certification."
A vulnerability in Microsoft's cloud storage solution Dropbox was discovered recently. According to Appuals, this DLL hijacking and code execution vulnerability affects Dropbox's version 54.5.90, and "a user whose device is undergoing this exploit won't realize it until the process has been exploited to inject malware into the system. The DLL injection and execution runs in the background without requiring any user input to run its arbitrary code."