| 11 |
| Jan |
Java Zero Day: What you need to know
Article by Christopher BuddFiled under: Cybercrime,Hackers and Phishing,Viruses and Malware | RSS 2.0 | 7 Comments |
You might have heard in the news about an issue with Oracle’s Java that has been targeted by hackers over the past couple of days.
These attacks are happening because of a problem with Java that will require an update to fix. Unfortunately, that update isn’t available yet. Until it becomes available, it’s possible there will be new attacks using this approach, so we encourage you to take some action to protect yourself and your family.
The good news: Trend Micro customers know that our teams are always working to protect them, and the latest signatures for our Titanium™ security products provide protection against the attacks that we know of so far that exploit this issue with Java. Please make sure your Titanium security is up-to-date to enable these protections.
If you don’t need it, you might want to think about disabling Java altogether: that would protect you against both these current attacks and any future attacks against Java. We have information on how you can do this here.
Our teams will continue to watch for new attacks using this approach, and will provide updates with any information you will need to know.
Update as of 11:45 AM PST, January 14, 2013
Oracle has released an update to Java which patches the vulnerability targeted by this attack. You can get this update from the official Java website.
Want to learn about protecting your business from the Java zero-day exploit and Ruby on Rails vulnerability? Check out our Security Intelligence blog.
This entry was posted on Friday, 11. January 2013 and is filed under "Cybercrime, Hackers and Phishing, Viruses and Malware". You can follow any responses to this entry with RSS 2.0. You can leave a response here, or send a trackback from your own site.
7 Comments to "Java Zero Day: What you need to know"
Margie:Sunday, 13. January 2013 at 12:21 am |
|
|
The article from Homeland security suggested leaving things alone if you have Java older than version 7. Mine is older do you all agree or do I uninstall Java (can’t disable on this version) |
|
Java Zero-Day Exploit and Ruby on Rails Vulnerabilities | Trend Micro Security Intelligence Blog:Monday, 14. January 2013 at 2:11 am |
|
|
[...] Want a less technical explanation about protecting your personal computer from the Java zero-day exploit? Check out our Fearless Web blog. [...] |
|
Christopher Budd:Monday, 14. January 2013 at 7:52 pm |
|
|
Hi thank you very much for reading and your question. You always want to be running the latest version of software: that helps to keep you safest because they put all the latest fixes in those. Oracle released an update for Java that fixes the problem we were talking about so I’d recommend you either uninstall Java if you can, or go ahead and update with the latest version. That will protect you from this problem and give you the ability to disable Java in the browser too. |
|
Christopher Budd:Monday, 14. January 2013 at 7:54 pm |
|
|
Hi there, Thanks for reading and for your note. If you’ve got all browsers you should either remove Java altogether or go ahead and disable it for all the browsers you have. Even if you have a browser you don’t normally use, there’s a chance you (or someone else) might use it at some point. In that case you don’t want them to be at risk without realizing it. If you’re not using Java though, it’s best to just go ahead and remove it altogether. |
|
Kristen Grumbine:Wednesday, 16. January 2013 at 2:11 am |
|
|
@FirstClassKris This is very much appreciated, since I’m responsible for keeping the business tech safe & up to date! Recommending Titanium package to our Doc! |
|
Java Zero-Day Exploit and Ruby on Rails Vulnerabilities | Simply Security:Monday, 4. February 2013 at 6:40 pm |
|
|
[...] Want a less technical explanation about protecting your personal computer from the Java zero-day exploit? Check out our Fearless Web blog. [...] |
|
Chris:
Saturday, 12. January 2013 at 3:21 pmWhat needs to be done if you have ALL the browsers example: I have Chrome, Internet Explorer & Firefox which I only use Chrome, but my question is do we have to uninstall the Java for ALL of our Browsers or just the one that we are using? Thank you