java | Page 2

Yesterday Oracle released a whopping 89 fixes to many of their products, 27 of which could allow remote code execution. In Eric Maurice's post (Mr. Maurice is Oracle's Director of Software Security Assurance), he outlines some of the most important fixes: - 6 fixes target Oracle Database, one of which allows remote exploitation without any authentication. CVE-2013-3751 goes into detail about the exploit. - 21 fixes target Oracle Fusion Middleware, of which 16 allow remote unauthenticated exploit. Some of these are related to CVE-2013-2461, which... [Read More]
by RSS Richard Henderson  |  Jul 17, 2013  |  Filed in: Industry Trends
Patch management is as fundamental to your security posture and health of your network as changing the oil on your car. It's also as easy to overlook until it's too late. Simply defined, patch management is the process of repairing security flaws and vulnerabilities found in various IT infrastructure discovered after the components have been released on the market. Organizations with dedicated IT management and security teams sport network administrators that oversee patch distribution and other management activities via Web-based interface. A... [Read More]
by RSS Stefanie Hoffman  |  Jul 16, 2013  |  Filed in: Industry Trends
Oracle published an announcement today that a large update to their Java platform this coming Tuesday. Forty vulnerabilities are set to be patched with Tuesday's patch, of which almost all of them can be exploited remotely without a username or password. Oracle said that "[d]ue to the threat posed by a successful attack, [we] strongly recommend that customers apply Critical Patch Update fixes as soon as possible." This patch affects: - JDK and JRE 7 Update 21 and earlier - JDK and JRE 6 Update 45 and earlier - JDK and JRE 5.0 Update 45 and earlier -... [Read More]
by RSS Richard Henderson  |  Jul 30, 2012  |  Filed in: Industry Trends
Tags: oracle java patch