|11 Jan 2013||#1|
| || |
Homeland Security warns to disable Java amid zero-day flaw
The U.S. Department of Homeland Security has warned users to disable or uninstall Java software on their computers, amid continuing fears and an escalation in warnings from security experts that hundreds of millions of business and consumer users are vulnerable to a serious flaw.
Hackers have discovered a weakness in Java 7 security that could allow the installation of malicious software and malware on machines that could increase the chance of identity theft, or the unauthorized participation in a botnet that could bring down networks or be used to carry out denial-of-service attacks against Web sites.
Java users should disable or uninstall Java immediately to mitigate any damage.
The latest flaw, as earlier reported by ZDNet, is currently being exploited in the wild, security experts have warned. Alienvault Labs have reproduced and verified claims that the new zero-day that exploits a vulnerability in Java 7, according to security expert Brian Krebs.
"We are currently unaware of a practical solution to this problem," said the DHS' Computer Emergency Readiness Team (CERT) in a post on its Web site on Thursday evening. "This vulnerability is being attacked in the wild, and is reported to be incorporated into exploit kits. Exploit code for this vulnerability is also publicly available."
|My System Specs|
|15 Jan 2013||#7|
| || |
January 13, Krebs on Security – (International) Oracle ships critical security update for Java. Oracle released an update for Java to fix the recent critical vulnerability that allowed malware to exploit computers running the program. The update also increases the default security settings for running Java applications from ‘medium’ to ‘high.’ Source: Oracle Ships Critical Security Update for Java — Krebs on Security
|My System Specs|
|Similar help and support threads for2: Homeland Security warns to disable Java amid zero-day flaw|
|Java 6 users vulnerable to zero day flaw, security experts warn||Security News|
|Researcher warns about critical flaw in D-Link routers||Security News|
|Oracle confirms existence of another critical Java flaw||Security News|
|RIAA, Homeland Security caught downloading torrents||News|
|Security researcher finds major security flaw in Facebook||Security News|
|Microsoft warns of Windows image rendering flaw||Security News|
|Serious New Java Flaw Affects All Versions of Windows||System Security|