- Jun 9, 2013
- 6,720
I am about to head to Las Vegas for Ivanti’s Interchange 2017 at The Mirage hotel and feeling a bit in a gambling mood, so I am going to take a shot at this month’s forecast and see if luck is on my side.
This month we will also explore the dangers of phishing scams and hardware vulnerabilities. Let’s also recap the Java update which was part of the Oracle CPU the week after April Patch Tuesday for those who may not have updated it yet.
Java
Starting with Java. The April CPU from Oracle released many updates, including Java. This quarter’s update for Java was a small one: eight total CVEs, seven of which can be exploited remotely without authentication. Two are rated at a CVSS of 8.3 and one is 7.7. All three fit the profile for vulnerabilities more likely to be exploited (based on Verizon Data Breach Investigation Report 2016 research).
Since 2015, Java exploits have been on the decline, which is good. This has been attributed to the release of Java 8 and more frequent updating by companies, efforts by Oracle to double-down on resolving vulnerabilities and removal of older Java versions from production systems. It’s great to see the decline of exploits in what used to be the number one exploited application.
Full Article. Viral phishing scams and vulnerabilities: What to watch out for this Patch Tuesday - Help Net Security
This month we will also explore the dangers of phishing scams and hardware vulnerabilities. Let’s also recap the Java update which was part of the Oracle CPU the week after April Patch Tuesday for those who may not have updated it yet.
Java
Starting with Java. The April CPU from Oracle released many updates, including Java. This quarter’s update for Java was a small one: eight total CVEs, seven of which can be exploited remotely without authentication. Two are rated at a CVSS of 8.3 and one is 7.7. All three fit the profile for vulnerabilities more likely to be exploited (based on Verizon Data Breach Investigation Report 2016 research).
Since 2015, Java exploits have been on the decline, which is good. This has been attributed to the release of Java 8 and more frequent updating by companies, efforts by Oracle to double-down on resolving vulnerabilities and removal of older Java versions from production systems. It’s great to see the decline of exploits in what used to be the number one exploited application.
Full Article. Viral phishing scams and vulnerabilities: What to watch out for this Patch Tuesday - Help Net Security
