Posts Tagged ‘Java’

Java updateIn the new version of the February 2013 Critical Patch Update will include additional fixes.

Updates for Java, Oracle released on February 1 of this year, as it turned out, did not remove all the vulnerability. In this regard, on February 19 will be issued a new update, as previously planned.

Due to the discovery of exploits for vulnerabilities Java, updates were quickly released at unscheduled times. Expert Company, Eric Maurice has published a blog post: “Oracle plans to release the February version of critical updates to the original scheduled date.”

Since August 2012, when the first reports appeared that vulnerabilities in Java extensively used by malicious web-sites, Oracle is struggling to regain the trust of users. (more…)

Java Runtime Environment 7

Posted: February 2, 2013 in Articles
Tags: ,

JavaJava Runtime Environment allows you to run applications (applets) that are written in Java, in your browser.

Play online games, chat online chat rooms and use the other useful features of Java-applets on different websites

Developer: ORACLE
License: Freeware
Version: Update 13 (7.0.130.20)
Updated: 01/02/2013
System: 8/7 / Vista / XP 32 | 64-bit
Interface: English
Size: 30.1 MB / 31.5 MB (x64)

Java Runtime Environment (JRE) provides the libraries, the Java Virtual Machine, and other components to run applets and applications written in the Java programming language. (more…)

Trend MicroAntivirus company Trend Micro has detected a new type of malicious software that masquerades as a patch for the environment Java, allegedly eliminating vulnerabilities in this latest development.

Recall that Oracle over the past 7 days did release an update for Java 7 that addresses one of the critical dangerous vulnerabilities, but independent security experts say that the company failed to eliminate all the problems in Java and users computers are still under attack. Obviously, this decided to play by criminals.

In Trend Micro say they found the fake pseudo-patch Java 7 Update 11, is present in at least one site that has no relation to the original Oracle and Java. During the downloading and installation of this patch on the computer there is a malicious software. (more…)

Java DangerExperts advise all companies to disable Java on the computers of all employees.

Oracle has released an emergency update to its Java software over the weekend, which should have prevented the main drawback of IT-security software. However, experts say that the update does not work. Recall that the update was released after the Department of Homeland Security urged PC users disable Java on their devices because of the vulnerability.

Discovered vulnerability being exploited for identity theft and other crimes. This was reported by representatives of the Department of Homeland Security.

Adam Gowdiak, researcher in the field of information security from Poland, who last year discovered several vulnerabilities in Java, said the upgrade from Oracle does not remove all of the existing gaps.

Currently, some companies in the field of information security, advise companies to remove Java from browsers all employees. (more…)

Oracle LogoSecurity fixes affect 10 products, including a new version of Java.

Oracle released the final version of its quarterly update that fixes 10 vulnerabilities in the 109 products of the company. In this issue patches coincided with the release of the new version of Java, which was removed 30 holes.

Note that most experts attach great importance to this update because the past few years, vulnerabilities in Java began to enjoy the most popular with hackers and virus writers.

Among the many updates, technical director of Qualys (specializes in cloud security) Wolfgang Kandek isolated patches for Solaris and MySQL as a top priority. According to him, they are the most important to the servers connected to the Internet. (more…)

Apple LogoApple has released a new patch for Java. The patch will be available to users of OS X 2012-005, Mac OS X 10.6, and OS X Lion and Mountain Lion is known that this patch closes the vulnerability CVE-2012-0547. However, as the experts, it does not close vulnerability CVE-2012-4681, which recently most often used by malicious hackers.

Oracle has released a patch for CVE-2012-4681 last week. However, the specialists of Security Explorations, who first discovered the vulnerability, warning that the patch itself contains a vulnerability. At this point, they refuse to disclose any details. However, most experts, as before, are urging Internet users to disable Java in the browser at least, used as the core, as most sites do not require the inclusion of Java to work properly. For sites that require the inclusion of Java, experts recommend the use of alternative browsers. (more…)

Oracle LogoAffected versions: Oracle Java JRE 6 update 7 build 1.7.0_06-b24

Description:

The vulnerability allows a remote user to execute arbitrary code on the target system.

1. The vulnerability is caused due to an unspecified error. This can be exploited to compromise a vulnerable system

Note: The vulnerability is being actively exploited in the present. (more…)