Security Bytes

Nov 11 2010   3:18PM GMT

SANS researcher: Implement every Java security fix



Posted by: cgibney
Tags:
Java
patch management

by Ron Condon, UK Bureau Chief

A timely reminder came from Daniel Wesemann today writing on the SANS Internet StormCenter blog about the need to make sure that Java is kept patched and up to date.

Oracle Corp. (which now owns Java, since buying Sun Microsystems last year) released a patch bundle for Java in October, which included a long list of security fixes, several for vulnerabilities that could allow drive-by exploits.

“And since Java is present on pretty much every Windows PC, and people don’t seem to do their Java updates quite as diligently as their Windows patches, there are a lot of vulnerable PCs out there,” says Wesemann.

He describes in detail one popular family of exploits doing the rounds at the moment, called “bpac”, which exploits the Hashmap vulnerability (CVE-2010-0840). A user only needs to browse an infected webpage, and the exploit pulls down a series of .exe files (in one case, up to 66 of them) that could be hard to clean up after the event.

Ironically, the attack would be stopped by a Java security fix issued in July, but, as Wesemann observes: “I guess the bad guys won’t start ‘burning’ their newest Java exploits while the old set is still going strong.”

His advice is short and sweet: “If you haven’t done so yet, hunt down and patch every incarnation of Java on the PCs that you are responsible for.”

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: