Breaking News

EnGenius Brings Wi-Fi 7 to Small Businesses with Affordable ECW510 Access Point DJI to Showcase New Mic 3 and Full Product Portfolio at Berlin’s IFA MSI Unveils MAG 272QP QD-OLED X50 Monitor Sony completes its INZONE gaming gear range with new headsets and more GIGABYTE Announces Availability of 27” QD-OLED Gaming Monitor AORUS FO27Q5P

logo

  • Share Us
    • Facebook
    • Twitter
  • Home
  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map

Search form

New Emergency Fix Releaseed For Java zero-day Exploit Released

New Emergency Fix Releaseed For Java zero-day Exploit Released

Enterprise & IT Mar 5,2013 0

Oracle on Monday released Security Alert CVE-2013-1493, to address two vulnerabilities affecting Java running in web browsers (CVE-2013-1493 and CVE-2013-0809). These vulnerabilities may be remotely exploitable without authentication, i.e., they may be exploited over a network without the need for a username and password. For an exploit to be successful, an unsuspecting user running an affected release in a browser must visit a malicious web page that leverages these vulnerabilities.

One of these vulnerabilities (CVE-2013-1493) has recently been reported as being actively exploited by attackers to maliciously install the McRat executable onto unsuspecting users' machines. Both vulnerabilities affect the 2D component of Java SE. These vulnerabilities are not applicable to Java running on servers, standalone Java desktop applications or embedded Java applications. They also do not affect Oracle server-based software. These vulnerabilities have each received a CVSS Base Score of 10.0.

Oracle recommends that this Security Alert be applied as soon as possible. Desktop users can install this new version from java.com or through the Java autoupdate.

Oracle has recently switched Java security settings to "high" by default. This high security setting results in requiring users to expressly authorize the execution of applets which are either unsigned or are self-signed. As a result, unsuspecting users visiting malicious web sites will be notified before an applet is run and will gain the ability to deny the execution of the potentially malicious applet. In order to protect themselves, desktop users should only allow the execution of applets when they expect such applets and trust their origin.

Tags: oracleJava
Previous Post
New ZOTAC StreamBox and RAIDbox Ease Digital Sharing
Next Post
IBM To Make Its Cloud Services and Software Open Sourced-based

Related Posts

  • Cloud Service Demand Boost Oracle's Results

  • Oracle Expands Its Datacenter Infrastructure in Five New Regions Worldwide

  • Research Firm Sees a Possible Amazon-Oracle Merger

  • Oracle Expands Database Offerings

  • Microsoft and Oracle to Interconnect Microsoft Azure and Oracle Cloud

  • Oracle Accuses Google of Snooping Users

  • Mozilla Asks Supreme Court to Support Google in Case Against Oracle

  • Google asks U.S. Supreme Court to end Oracle copyright case

Latest News

EnGenius Brings Wi-Fi 7 to Small Businesses with Affordable ECW510 Access Point
Enterprise & IT

EnGenius Brings Wi-Fi 7 to Small Businesses with Affordable ECW510 Access Point

DJI to Showcase New Mic 3 and Full Product Portfolio at Berlin’s IFA
Drones

DJI to Showcase New Mic 3 and Full Product Portfolio at Berlin’s IFA

MSI Unveils MAG 272QP QD-OLED X50 Monitor
Consumer Electronics

MSI Unveils MAG 272QP QD-OLED X50 Monitor

Sony completes its INZONE gaming gear range with new headsets and more
Consumer Electronics

Sony completes its INZONE gaming gear range with new headsets and more

GIGABYTE Announces Availability of 27” QD-OLED Gaming Monitor AORUS FO27Q5P
Consumer Electronics

GIGABYTE Announces Availability of 27” QD-OLED Gaming Monitor AORUS FO27Q5P

Popular Reviews

be quiet! Dark Mount Keyboard

be quiet! Dark Mount Keyboard

be quiet! Light Loop 360mm

be quiet! Light Loop 360mm

be quiet! Light Mount Keyboard

be quiet! Light Mount Keyboard

Noctua NH-D15 G2

Noctua NH-D15 G2

Terramaster F8-SSD

Terramaster F8-SSD

be quiet! Light Base 600 LX

be quiet! Light Base 600 LX

Soundpeats Pop Clip

Soundpeats Pop Clip

be quiet! Pure Base 501

be quiet! Pure Base 501

Main menu

  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map
  • About
  • Privacy
  • Contact Us
  • Promotional Opportunities @ CdrInfo.com
  • Advertise on out site
  • Submit your News to our site
  • RSS Feed