X
 
 
 
 
 
 
 Home Page   My Sky Valley   Advertising   Contact Us   Privacy Policy   About Us   Terms of Use 
Register Here
Welcome

Log In
http://murphyauction.com
http://www.debbielarsencpa.com/
Thu, October 30, 2014
“The #1 Read & Rated Sky Valley News Source
& Only Daily Paper in the Sky Valley!”
http://www.wallacefallscafe.com

http://www.snohomishfamilymedicine.com/


RSS Feeds
Everett, WATemp: 57°FSky: mostly cloudyForecast...
DONATE
SECTIONS
BREAKING NEWS
FEATURE NEWS
SNOHOMISH
MONROE
SULTAN
STARTUP
BARING
GOLD BAR
INDEX
SKYKOMISH
STEVENS PASS
GENERAL
VALLEY NEWS
SKY VALLEY 101
REAL ESTATE
LETTERS
OPINION &
EDITORIAL
VIDEOS
PETS
LOST & FOUND
LEGAL NOTICES
CLASSIFIEDS
AUCTIONS
BATTERIES

--

FEATURE NEWS

ORACLE CONFIRMS
JAVA SECURITY ISSUE
Says fix is on the way

January 13, 2013



(MONROE, WA) -- One of the most widely read news stories of the past two months in the Sky valley Chronicle was the story about the security problem with the Java computer application that broke on Friday. The Chronicle was one of the first newspapers in the state to break the story.

Oracle on Saturday confirmed what is now known as the 0-day vulnerability discovered in Java 7. The company told the Reuters news service that “a fix will be available shortly.”

Earlier in the week the US Computer Emergency Readiness Team (US-CERT), part of the National Cyber Security Division of the Department of Homeland Security issued a warning about the Java application:

“Java 7 Update 10 and earlier contain an unspecified vulnerability that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.
This vulnerability is being attacked in the wild, and is reported to be incorporated into exploit kits. By convincing a user to visit a specially crafted HTML document, a remote attacker may be able to execute arbitrary code on a vulnerable system.

The critical security hole, which allows attackers to execute malicious software on a victim’s machine, was quickly exploited in the wild and made available in common exploit kits. Later the same day, Apple stepped in to block Java 7 on OS X 10.6 and up to protect Mac users.

On Friday, we learned the 0-day code would not have worked if Oracle had properly addressed an old vulnerability, according to Security Explorations, the security firm responsible for identifying most of the latest Java vulnerabilities.

Back in late August 2012, the company informed Oracle about the insecure implementation of the Reflection API, and Oracle released a patch for it in October 2012, but the fix wasn’t a complete one.

Also on Friday, Mozilla added all recent versions of Java to its Firefox add-on blocklist. These include Java 7 Update 9, Java 7 Update 10, Java 6 Update 37, and Java 6 Update 38; older Java versions were already blocklisted due to other vulnerabilities.

Once Oracle releases Java 7 Update 11, Mac users and Firefox users will once again be able to use the plug-in. Unfortunately, since the company still hasn’t provided a date for when that will be, we recommend that regardless of what browser and operating system you’re using, you should uninstall Java if you don’t need it and disable it otherwise. If you absolutely must use it, do so in a secondary browser.”

How to disable the Java browser plug-ins and how to disable the main Java app in your Windows base PC can be found in our earlier story here









BACK TO

HOME

More Headlines

FEATURE NEWS
BOY WHO VANISHED FROM SEATTLE FOUND ON REMOTE ISLAND IN MIDDLE OF NOWHERE
WHITE HOUSE COMPUTER NETWORK HIT WITH SUSTAINED CYBER ATTACK
KIDS PLAY AREA IN GOLD BAR SPARED MAJOR DAMAGE FROM FALLING TREE
The day things went right
WASHINGTON MAN WHO BELIEVES IN LIBERTY AND STANDING UP
TO THE MAN
Becomes big hit on YouTube.
HIGH WINDS AND RAIN IN WESTERN WASHINGTON KNOCK OUT POWER TO OVER 150,000

    More->



http://tiny.cc/oihbmx

© 2009-2014 Sky Valley Media Group, LLC
www.skyvalleychronicle.com is owned and produced by
Sky Valley Media Group, LLC which is soley responsible for its content