View Single Post
  #1   (View Single Post)  
Old 27th August 2012
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,503
Default Critical flaw under active attack prompts calls to disable Java

From http://arstechnica.com/security/2012...-disable-java/

Quote:
A vulnerability in the latest version of Oracle's Java software framework is under active attack, and the damage is likely to get worse thanks to the availability of reliable exploit code that works on a variety of browsers and computer platforms, security experts warn.

The flaw in Java version 1.7 was reported on Sunday afternoon by FireEye security researcher Atif Mushtaq. A separate post published on Monday by researchers Andre M. DiMino and Mila Parkour said the number of attacks, which appear to install the Poison Ivy Remote Access Trojan, were low. But they went on to note that the typical delay in issuing Java patches, combined with the circulation of exploit code, meant it was only a matter of time until the vulnerability is exploited more widely by other attackers.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote