Saturday, December 10, 2016
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
Apple AirPods Will Miss Holiday Season
Japan Display To Receive ¥50 bil. Support From Government
Google Said to Bring Internet To Cubans
Super Mario Run Won't Play Offline
U.S. Confirms Samsung and LG Dumped Washers
Xiaomi Electric Vehicle Launch on Monday, Yeelight LED Ceiling Light Launched
Hon Hai, Sharp To Build Massive LCD TV Plant In China
U.S. To Review Cyber Attacks Beyond 2016 Election
Active Discussions
Which of these DVD media are the best, most durable?
How to back up a PS2 DL game
Copy a protected DVD?
roxio issues with xp pro
Help make DVDInfoPro better with dvdinfomantis!!!
menu making
Optiarc AD-7260S review
cdrw trouble
 Home > News > General Computing > New Eme...
Last 7 Days News : SU MO TU WE TH FR SA All News

Tuesday, March 05, 2013
New Emergency Fix Releaseed For Java zero-day Exploit Released


Oracle on Monday released Security Alert CVE-2013-1493, to address two vulnerabilities affecting Java running in web browsers (CVE-2013-1493 and CVE-2013-0809).

These vulnerabilities may be remotely exploitable without authentication, i.e., they may be exploited over a network without the need for a username and password. For an exploit to be successful, an unsuspecting user running an affected release in a browser must visit a malicious web page that leverages these vulnerabilities.

One of these vulnerabilities (CVE-2013-1493) has recently been reported as being actively exploited by attackers to maliciously install the McRat executable onto unsuspecting users' machines. Both vulnerabilities affect the 2D component of Java SE. These vulnerabilities are not applicable to Java running on servers, standalone Java desktop applications or embedded Java applications. They also do not affect Oracle server-based software. These vulnerabilities have each received a CVSS Base Score of 10.0.

Oracle recommends that this Security Alert be applied as soon as possible. Desktop users can install this new version from java.com or through the Java autoupdate.

Oracle has recently switched Java security settings to "high" by default. This high security setting results in requiring users to expressly authorize the execution of applets which are either unsigned or are self-signed. As a result, unsuspecting users visiting malicious web sites will be notified before an applet is run and will gain the ability to deny the execution of the potentially malicious applet. In order to protect themselves, desktop users should only allow the execution of applets when they expect such applets and trust their origin.


Previous
Next
New ZOTAC StreamBox and RAIDbox Ease Digital Sharing        All News        IBM To Make Its Cloud Services and Software Open Sourced-based
Samsung To Buy Stake in Rival Sharp     General Computing News      IBM To Make Its Cloud Services and Software Open Sourced-based

Get RSS feed Easy Print E-Mail this Message

Related News
Oracle to Buy NetSuite for $9.3 Billion
Fujitsu and Oracle Team Up to Drive Cloud Computing
Oracle To Pay HP $3 billion In Itanium Case
Google Wins Oracle in Android Trial
Samsung and Oracle Provide the Engine for Enterprises to Mobilize Their Business in the Cloud
Oracle To Kill Java Plug-in For Browsers
Oracle SettleS FTC Charges It Deceived Consumers About Java
Oracle Breakthrough SPARC M7 Processor and Systems Design
Oracle Unveils New Services, Layouts Java's Future
Google Loses Appeal In Case Against Oracle
Oracle Extends Enterprise Cloud Portfolio
Oracle, SAP Settle Lawsuit

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2016 - All rights reserved -
Privacy policy - Contact Us .