Severity: High Summary: These vulnerabilities affect: Oracle Java Runtime Environment (JRE) and Java Development Kit (JDK) 7 Update 10 and earlier, on all platforms How an attacker exploits them: Multiple vectors of attack, including luring your users to a malicious web page containing specially crafted Java Impact: In the worst case, an attacker can gain complete control … [Read more...]
Out-of-Cycle IE Patch Mends Zero Day Vulnerability
Summary: This vulnerability affects: Internet Explorer 6 through 8 (9 and 10 are not affected) How an attacker exploits it: Usually, by enticing one of your users to visit a malicious web page Impact: Various, in the worst case an attacker can execute code on your user's computer, potentially gaining complete control of it What to do: Deploy the appropriate Internet … [Read more...]
WatchGuard Security Week in Review: Episode 47 – Piles of Patches
Critical Java 0Day, Piles of Patches, and More Ready for a weekly dose of InfoSec? This episode has a strong "patch" theme, with many vendors releasing some big security updates this week. Besides the patches, I also cover a few new 0day exploits, including a serious Java one getting leveraged quite a bit in the wild, and a couple crazy sounding security-related news items. If … [Read more...]
WatchGuard Security Week in Review: Episode 47 – Piles of Patches
Critical Java 0Day, Piles of Patches, and More Ready for a weekly dose of InfoSec? This episode has a strong "patch" theme, with many vendors releasing some big security updates this week. Besides the patches, I also cover a few new 0day exploits, including a serious Java one getting leveraged quite a bit in the wild, and a couple crazy sounding security-related news items. If … [Read more...]
Adobe Patch Day: Reader X and Shockwave Player Fixes
Severity: High Summary: These vulnerabilities affect: Flash Player, Reader X, and Acrobat X. Also news of a ColdFusion zero day exploit How an attacker exploits them: Multiple vectors of attack, including enticing your users to open malicious files or visit specially crafted web sites Impact: Various results; in the worst case, an attacker can gain complete control of your … [Read more...]