Tag Archives: security

New Java 1.7 vulnerability

I found this in my email:

http://www.h-online.com/developer/news/item/Dangerous-vulnerability-in-latest-Java-version-1781156.html

I will disable Java plugin in all browsers on my machines at work on Monday.

Cert.org is taking this seriously: http://www.kb.cert.org/vuls/id/625617

This could be used against Linux, Mac or Android, not just Windows, if anyone cared to try. They would not have access to root without further exploits, although popping up a window that looks like your Updater, or Microsoft’s, would catch some inexperienced Linux users.

Ralph Langner discusses Stuxnet

Ralph Langner discusses the Stuxnet attack that hit the Iranian nuclear plants and accidentally hit lots of other places. I especially appreciated his comments on Symantec’s paper. He doesn’t appreciate their conclusions: “… few attackers will be capable of producing a similar threat.” etc.