java

Microsoft EMET has a problem with Java – but who doesn’t ?

EMET stands for Enhanced Mitigation Experience Toolkit – and it is a tool that you MUST have installed on your Windows PC. EMET is a utility that helps prevent vulnerabilities in software from being successfully exploited.EMET achieves this goal by using security mitigation technologies. These technologies function as special protections and obstacles that an exploit author must defeat to exploit software vulnerabilities. These security mitigation technologies do not guarantee that vulnerabilities cannot be exploited. However, they work to make exploitation as difficult as possible to perform. For more information about EMET, click the following article number to view the article…


No Picture

The sad state of Java security

I wrote many times about Java, their vulnerabilities, how to disable it… Just search in this blog for the term Java.         I’ve been asked many times why do I think that we are seeing these zero day vulnerabilities. The problem The problem of Oracle is that they bought a technology that was stretched out to be actually “write once, run everywhere”. The Virtual Machine that provides this functionality had to be ported to all devices, and lately (in the past few years) also on mobile devices. As written in the news, even if the “run everywhere” meant…


No Picture

More quotes of me about the Java zero-day exploit

“Developing critical software under pressure has only one consequence — even more bugs,” said Avira data security expert Sorin Mustaca. “I expect to soon see even more bugs and vulnerabilities related to this quick fix.”   http://www.linuxinsider.com/story/77079.html http://www.technewsworld.com/story/77079.html http://www.torontotelegraph.com/index.php/sid/211938962/scat/ebc9d7769bc0759e http://www.ecommercetimes.com/story/security/77079.html http://www.macworld.com/article/2025137/security-agency-recommends-disabling-java-due-to-exploit.html http://www.csoonline.com/article/726380/us-cert-disable-java-in-browsers-because-of-exploit http://www.cio.com/article/726307/US_CERT_Disable_Java_in_browsers_because_of_exploit http://www.computerworld.com/s/article/9235615/US_CERT_Disable_Java_in_browsers_because_of_exploit http://www.businesswire.com/news/home/20130114005440/en/Avira-Security-Software-Detects-Java-7-Exploits http://www.latinospost.com/articles/9642/20130115/java-flaw-patch-now-available-download-experts.htm     OMG.. my blog posts start to sound like those of Bruce Schneier : full of links where I am quoted … 🙂


No Picture

Quoted in Oracle Journal about the Java zero day exploit

Source: http://oracle.sys-con.com/node/2510668 Avira Security Software Detects Java 7 Exploits   “Whenever a vulnerability like this is discovered – especially when it is in a widely distributed software like Java – the bad guys are quick to write exploits that take advantage of the flaw,” said Sorin Mustaca, IT security expert at Avira. “While Oracle ultimately needs to patch Java, in the meantime we can at least prevent our customers from falling victim to the exploits.”  


No Picture

Articles about Java zero-day exploit

http://www.technewsworld.com/story/77079.html Oracle rushed out a patch for a Java flaw that was so serious the U.S. government advised users to uninstall the software. The fix might have come too quickly, however. “Developing critical software under pressure has only one consequence — even more bugs,” said Avira data security expert Sorin Mustaca. “I expect to soon see even more bugs and vulnerabilities related to this quick fix.”     http://www.mercurynews.com/business/ci_22371381/java-flaw-still-worries-some-experts-despite-fix “This is definitely a temporary fix,” said Sorin Mustaca, a data security expert with Avira, a German-based company that sells anti-virus software. “If you do a fix under a lot of…


No Picture

Another Strange bundle or did Sun and Yahoo merge ?

I was prompted today to update the Java framework on my laptop. I said, yes, update it and then I’ve seen the picture below: So, I ask, what the hack has Yahoo to do with Sun ? Why a stupid, useless and nerving toolbar is being installed with the Java framework ? Did Sun buy Yahoo or Yahoo did buy Sun ? No So why ? Of course, I am an ideologist and don’t accept the obvious answer: for money which Yahoo paid to Sun.


No Picture

The power of money … or WTF has Java to do with Yahoo ?!

Immediately after I started my laptop today, I got a popup announcing me that I have to install a Java update. Well, knowing that it has vulnerabilities, I said… OK, do it. And then I continued to work … After a couple of seconds, I see the following popup : So, now the legitimate question: Why am I offered to get that damn toolbar ( I HATE toolbars !!!!) only because I wanted to update Java. What has Java (or Sun ) to do with Yahoo ? I think that nothing else than … money. I guess Yahoo pays a…


By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close