Monday 4 March 2013

Oracle having a really bad bad time, 5 new flaws detected

Oracle having a really bad bad time, 5 new flaws detected

Seems like the troubles are never leaving Oracle since the 0day exploit was reported nearly a month ago.  After couple of updates to stop the exploit, it is found that the update itself is as vulnerable as the original exploit it was supposed to stop.

The Polish Security firm responsible for identifying the majority of the latest Java security holes, Security Explorations has send a vulnerability notice in the latest update, including proof of concept code for five new flaws. Oracle confirmed it received the report today and has begun investigating. 

However it may please the Oracle top honchos to note that the Security Explorations has said that the vulnerabilities need to be linked together to bypass Java’s security checks, and that this particular set isn’t yet being used by attackers to the company’s knowledge.

This is the latest news from last week that at least three 0-day vulnerabilities were found in the company’s software, and at least one is actively being exploited. The “0-day” or “zero-day” refers to a security hole that has not been publicly disclosed yet, and so doesn’t have a patch available which was first reported by another security firm FireEye.

Since than it has been confirmed that at least one exploit out of total 8 may have been exploited in the 'wild'.  So there is every possibility that some major dot com may report another set of hacking.  Evernote had reported yesterday that its data was accessed and it had reset passwords of all its users across the board. Though it said that its data was not compromised but to be on the safer side, it just reset all the passwords. As of now the Evernote mishap has not been linked to Java in any which way.

We will have to see how much longer the Java saga continues.  Till that time please disable Java in your PC to be on the safer side.  If you have not done so already, please visit this page to learn the same.  Further feel free to read almost 4 articles on this subject.

Vijay Prabhu

Share this post
  • Share to Facebook
  • Share to Twitter
  • Share to Google+
  • Share to Stumble Upon
  • Share to Evernote
  • Share to Blogger
  • Share to Email
  • Share to Yahoo Messenger
  • More...


:) :-) :)) =)) :( :-( :(( :d :-d @-) :p :o :>) (o) [-( :-? (p) :-s (m) 8-) :-t :-b b-( :-# =p~ :-$ (b) (f) x-) (k) (h) (c) cheer

Posts RSSComments RSSBack to top
© 2013 ComboUpdates - Powered by Blogger
Released under Creative Commons 3.0 CC BY-NC 3.0