May 26, 2013

Critical Java update and a stark reminder to update JAFO

The latest advisory for Oracle Java addresses a total of 20 vulnerabilities; 19 of those 20 may be remotely exploitable. Remotely exploitable vulnerabilities are very high information security priorities because they can allow rapid propagation of malware or computer viruses.

It’s time to add a new acronym

For some time now we’ve all learned that Windows/operating system updates are pretty important, but there are emerging threat vectors that also need to be addressed. Back in early 2009 a huge ramp-up in the volume of Adobe PDF and Java updates occurred. Since that time those two have become very popular sources of computer exploitation. Add to that some recent nasty Flash exploits and you have the makings of a new acronym:

Always update JAFO:

Java
Acrobat
Flash
Operating System (critical updates for Windows, etc.)

Extra credit for the techie types: remember when Microsoft had their own Java Virtual Machine?

 

Why you should not bypass Java and other Updates

A very common complaint by end users involves “automatic updates”, and some people go to great lengths to avoid them. We published this quick tip about when and how to run them to minimize the impact. There are several programs whose updates you should think twice about before bypassing or ignoring:

  • Windows Critical Updates
  • Adobe Acrobat
  • Flash Viewer
  • Oracle/Sun Java

The last item on this list is the primary purpose for this post. Check out this bulletin from March 2009 related to Oracle Java. There were a total of 27 new security fixes:

“Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU fixes as soon as possible. This Critical Patch Update contains 27 new security fixes across all products.”

So please, when you get the notices for these updates, run them. Another great way to avoid many of these problems is to operate your computer with an account that has lower permissions. We will write a follow-up describing how to do that and why.

If you’d like to see a chronological history of the Java updates or see if there are new ones, go here. You can also add them to your RSS reader here.

Sun Java Vulnerability

We have received a notice from US-CERT about a security flaw involving Sun Microsystems Java Platform. The flaw affects JDK and JRE 6 Update 4 and earlier versions of Java. This flaw has been labelled critical, and we are prioritizing addressing this flaw with our customers.

Who should be concerned?

  1. Anyone who accesses the Internet with a Web browser and/or uses Java JRE 6 Update 4 or earlier (nearly everyone!).

If I meet the criteria that makes me vulnerable, what should I do?

  1. You should apply an update for Sun Java as soon as possible.
  2. You can download this update at java.com.
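To check a machine against the affected range given above (JDK and JRE 6 Update 4 and earlier), the following added example, which is not part of the original post, parses the banner printed by `java -version` and reports whether it falls in that range. The function names and sample banners are constructed for illustration, and treating older major versions (such as Java 5) as "earlier" is an assumption about how the post's wording should be read.

```python
import re

# Affected range as stated in the post: JDK/JRE 6 Update 4 and earlier.
AFFECTED_MAX = (6, 4)

# Quoted version in a `java -version` banner (written to stderr), e.g.
#   java version "1.6.0_04"    legacy 1.x.y_uu scheme
#   openjdk version "11.0.2"   scheme used since Java 9
_BANNER = re.compile(r'version "([^"]+)"')
_FIELDS = re.compile(r'(\d+)(?:\.(\d+))?(?:\.(\d+))?(?:_(\d+))?')


def parse_java_version(banner):
    """Return (major, update) from `java -version` output, or None."""
    quoted = _BANNER.search(banner)
    fields = _FIELDS.match(quoted.group(1)) if quoted else None
    if not fields:
        return None
    first, second, third, update = fields.groups()
    if first == "1" and second is not None:
        # Legacy scheme: 1.6.0_04 means Java 6 Update 4.
        return int(second), int(update or 0)
    # Modern scheme: 11.0.2 means Java 11; third field is the patch level.
    return int(first), int(third or 0)


def is_affected(banner):
    """True/False for a parsed banner; None if it could not be parsed,
    so that host is reviewed by hand instead of being counted as safe."""
    parsed = parse_java_version(banner)
    if parsed is None:
        return None
    # Assumption: older major versions (e.g. Java 5) count as "earlier".
    return parsed <= AFFECTED_MAX


# Constructed sample banners (not taken from real hosts).
SAMPLES = [
    'java version "1.6.0_04"\nJava(TM) SE Runtime Environment (build 1.6.0_04-b12)',
    'java version "1.6.0_05"',
    'java version "1.5.0_14"',
    'openjdk version "11.0.2" 2019-01-15',
    "'java' is not recognized as an internal or external command",
]

if __name__ == "__main__":
    for banner in SAMPLES:
        print(repr(banner.splitlines()[0]), "->", is_affected(banner))
```
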

Where can I get more information about this problem?
