Java 6 is of particular focus since Oracle is no longer issuing updates for it. Qualys CTO Wolfgang Kandek agreed, noting his firm still sees "very high rates" of Java 6 installed and many businesses are reluctant to upgrade out of fear of disrupting business critical applications. ![]() In his tweet, Hirvonen advised users to either uninstall Java or upgrade to the latest version, Java Runtime Environment 7 update 25. The Neutrino kit is well-known to security researchers, and was spotted in March by Trend Micro being offered for rental at a price of $40 per day or $450 per month (both USD).Īccording to, CVE-2013-2463 "allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D." The vulnerability applies to client deployments of Java only, and Oracle Java SE 7 Update 21 and earlier, version 6 Update 45 and earlier and version 5.0 Update 45 and earlier a well as OpenJDK 7. In a tweet, F-Secure's Timo Hirvonen warned that an exploit for CVE-2013-2463 is circulating a week after proof-of-concept code for an exploit appeared. ![]() ![]() Security researchers are recommending Java users upgrade to the latest version due to a new exploit that has made its way into the Neutrino exploit kit.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |