Get your Java While Its Hot

Oracle released Java JRE 1.7 update 7 and 1.6 update 35 today patching critical security holes. Most security professionals recommended disabling Java or removing it while waiting for this update.   So if you’ve ignored that advice, you need to upgrade as soon as possible.

Java exploitation on the rise

The deadline for getting up to date on the latest Java has come an gone. Microsoft posted on the 20th that they were seeing exploit code attacking the vulnerability in Java which Oracle patched in February. Yesterday Brian Krebs posted that an exploit for this vulnerability is now in one of the more popular exploit kits.  …

Continue reading ‘Java exploitation on the rise’ »

F-Secure on Java

F-Secure generated a lot of traffic in the blogosphere with their post declaring Java harmful and better to not be installed on computers.   To me the only surprising part is the discussions this generated.   Isn’t this old news?   Principle of least privilege says to remove it if you don’t need it.   So when you’re regularly updating an …

Continue reading ‘F-Secure on Java’ »