Cisco issued three security advisories today, 20 JUN 2012; two are new, one is an update.
|
Russ McRee 204 Posts ISC Handler Jun 21st 2012 |
Thread locked Subscribe |
Jun 21st 2012 1 decade ago |
My co-worker Rutger pointed out that the advisory states: "any system which trusts Cisco's signing certificate chain may be impacted, even if Cisco AnyConnect Secure Mobility Client has never been installed on the system."
So it is wise to implement the suggested workarounds which consists of killbits for the ActiveX controls and blacklisting the SHA-1 hashes of the vulnerable .jar files. |
Anonymous |
Quote |
Jun 26th 2012 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!