Infosec Haiku

Anata no joho sekyuritei konshu no haiku

Java CPU
Released This Week – 14 Bugs
Squashed – Please Update Now!

 

### Notes ###
* Thanks to Ms. Etsuko vdH for the translation.
* Thanks to everyone who’ve contributed their haikus …

> Read More

Infosec Haiku

Anata no joho sekyuritei konshu no haiku

Huge Month for Patches —
  and Much More
Time to Patch It Up

 

### Notes ###
* Thanks to Ms. Etsuko vdH for the translation.
* Thanks to everyone who’ve contributed their haikus …

> Read More

July Java Jamboree

The latest Critical Patch Update (CPU) from Oracle has been released today. Based on the pre-release information, the July 2014 CPU contains 113 new security vulnerability fixes, covering everything from its flagship database and Fusion Middleware to Hyperion and Solaris. [See update below.]

Of particular interest to endpoint administrators will be the 20 vulnerabilities in Java SE.

> Read More

Java on XP?

Is it still supported, and what should you do about it?

Well done to Oracle, which has successfully managed to confuse everyone about what the situation is regarding whether Java (a development platform with a long history of security holes) will continue to be properly supported on Windows XP (an operating system with a long history of security holes,

> Read More

WinXP and Java: Double the Risk, Double the Fun

Another reason, as if you needed one, to upgrade your WinXP systems: Java 8 – the latest version is 8u5 – has compatibility issues, and Java 7 – the latest version of which is 7u60 – is no longer supported on WinXP.

As Oracle has put it: “Users may still continue to use Java 7 updates on Windows P at their own risk,

> Read More

Infosec Haiku

Anata no joho sekyuritei konshu no haiku

Java Version 8
Does Not Support WinXP
Are You Protected?

 

### Notes ###
* Thanks to Ms. Etsuko vdH for the translation.
* Thanks to everyone who’ve contributed their haikus … watch this space to see if yours is published.

> Read More

Isn’t It Time Oracle Gave Us Monthly Security Updates for Java?

In some ways, it could be argued that Java is an incredible success.

I’m serious. Stop laughing at the back.

You see, according to Oracle, Java’s developer, the product is used on over 3 billion different devices worldwide. That *is* impressive.

But, for those of us concerned with securing systems and keeping computer data safe,

> Read More

160 New Viruses Captured Every Minute

Periodically, I take a look at what the good folks at AV-Test.org have to say about the amount of malware in their “zoo.” What I’ve been seeing over the past couple of quarters is pretty shocking.

2013 in Review
The amount of new malware seen in 2013 jumped to an average of about 6.9M per month – that’s nearly 160 new malware per minute,

> Read More

Defending Against Java

Java offers enterprises the ability to write code once and run it everywhere.  However, this flexibility comes with a high cost: reduced security on endpoints. It has lately gotten so bad that Java has been nicknamed Just Another Vulnerability Announcement. Oracle has been working to produce updates to Java that addresses these vulnerabilities,

> Read More

Much Ado About Java

So, have you seen the latest about Java? Seems most organizations are still running (really) old versions. And even the current version has what is technically known as a shit-ton of zero-day vulnerabilities. And so Oracle is changing their vulnerability numbering system to accommodate all of them, in addition to taking other steps surrounding Java security.

> Read More

No Luck o’ the Irish for IT this St. Patty’s Day

IT admins can’t seem to catch a break this year. First, the never ending stream of Java issues that has kept folks on their toes since January. Now they’ve got another busy month of patches ahead of them, with 7 total patches from Microsoft, 4 of which are critical. However, once again the issues outside of Microsoft will likely eclipse the Patch Tuesday patches this month.

> Read More

Eliminating Java Will Not Solve Your Problem

While many are jumping on the ‘Death to Java’ bandwagon and ranting about turning off Java to eliminate risk, it is important to put the issue in the proper context: the reality of the matter is a Java vulnerability is not the end game for a cyber criminal; it is merely a delivery mechanism in the quest to install a bigger malware foothold.

> Read More

No Love for IT This Valentine’s Day

It’s going to be a rough Valentine’s Day for many IT admins this month. With ongoing issues with Java and 12 bulletins from Microsoft, including 5 critical issues and many restarts, it’s going to be a very disruptive Patch Tuesday.

It’s disturbing to note how many different Microsoft platforms are critically affected this month.

> Read More