Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Java Update for February

Published: 2012-02-16
Last Updated: 2012-02-16 16:04:44 UTC
by Tony Carothers (Version: 1)
0 comment(s)

The February Critical Patch Update for Java SE was recently released from Oracle.  February has brought the release of 14 patches from Oracle that are categorized as Critical.  As stated on the release page "All of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password."

This alone is reason enough to fast track this package into your change management solution and deploy as quickly as possible.
 

Tony Carothers

tony d0t carothers at gmail

Keywords: java Oracle patches
0 comment(s)
ISC StormCast for Thursday, February 16th 2012 http://isc.sans.edu/podcastdetail.html?id=2332

Adobe Flash Player Update

Published: 2012-02-16
Last Updated: 2012-02-16 05:40:21 UTC
by Johannes Ullrich (Version: 1)
2 comment(s)

On Tuesday, Adobe released an update for Shockwave Player (APSB12-02) and RoboHelp for Word (APSB12-04). The odd question on tuesday was: What happened to APSB12-03. Today, we learned the answer: Another bulletin from Adobe, APSB12-03, accompanied by a patch for Adobe's Flash player.

Sadly, with the odd release date, this bulletin has fallen a bit between the cracks. However, you should apply the patch *QUICKLY* as at least one of the vulnerabilities has already been exploited in the wild.

http://www.adobe.com/support/security/bulletins/apsb12-03.html

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter

Keywords: adobe flashplayer
2 comment(s)
Diary Archives