1/13/2006

CERTs warn about old java bug being exploited

Filed under: — By Aviran Mordo @ 10:53 am

US-CERT and AUSCERT warn about a bug in java being exploited. The bug was made public in November 2005.

Aside of the obvious patch and turn off java support, the warnings include text as “avoid clicking on any links in emails or instant messages, unless the email was already expected beforehand” and “by only accessing Java applets from known and trusted sources the chances of exploitation are reduced.”

Secunia rated this vulnerability as Highly critical. It is important to mention that Sun already fixed this flaw, and if you haven’t yet, you should update your java runtime to the latest version.

 

Leave a Reply

You must have Javascript enabled in order to submit comments.

All fields are optional (except comment).
Some comments may be held for moderation (depends on spam filter) and not show up immediately.
Links will automatically get rel="nofollow" attribute to deter spammers.

Powered by WordPress