TechBlog

Security News? Just a few clicks away

Search Results for: java

Oracle released the scheduled Java security update for April

This update should fix at least 42 security flaws in 24 products. Interestingly, this update also introduces some new features designed to alert users about the security risks of running some Java content.   But, if you saw this article … Continue reading

Emails with malicious URLs use the tragedy in Boston to exploit vulnerable Java installations (updated)

Yesterday the USA has suffered a bomb attack during a marathon that took place in Boston. This attack was characterized by the US President as a “terrorist attack” since it involved civilians. Not even 24h later, we have started to … Continue reading

Microsoft, Apple, Facebook victims of Java exploits

We wrote several times that when Oracle fixed quickly the security holes in Java, it did not have enough time to address the source of the problem. This can be now seen more clear after big names in the IT … Continue reading

Didn’t you uninstall Java already?

If you didn’t uninstall it, then think again about this. Here is how to uninstall or deactivate Java from your system. Oracle has announced that they fixed with the update on February 1st only a part of the problems originally … Continue reading

Be aware of fake Java patches for the zero-day exploits

We and pretty much the rest of IT world, have written about the Java zero-day exploit, about the fast patch that Oracle release to remove some of the market pressure and also about the fact that such a quick move … Continue reading

Yet a new Java zero-day exploit?

We don’t know yet if this is a bad joke intended to discredit Oracle and Java, but the media is buzzing about a possible new undetected exploit in Java. This was started by a post of the security researcher Brian … Continue reading

How to disable the Java web plug-in in all browsers

We have written about Java and its regular vulnerabilities, two (here and here) of which were zero-day vulnerabilities. Java is a very strong tool because it is cross platform and if a vulnerability is being found on one platform, it … Continue reading

Oracle has fixed the Java zero-day exploit

After the huge media impact that followed up the full disclosure of the vulnerability in Java 7 Update 10, many national and international organizations have started to recommend to their readers to uninstall Java (Germany’s BSI, US-Cert). Oracle couldn’t just … Continue reading

YAJZE: Yet another Java Zero-Day Exploit (Update)

Unfortunately, it is really the case to say that Java has “yet another zero-day exploit”. The latest version of Java, v7 Update 10 is affected and currently there is no plan for a patch. The vulnerability which is already used … Continue reading

Oracle has released the patch for the Java 0-day exploit

We wrote about the Java 0-day exploit (CVE-2012-4681) and that there is no fix available from Oracle. In the meanwhile, we have added also detection for the exploit starting with t he engine  version 8.2.10.148 or higher. All Avira products detect this … Continue reading