'Unprecedented wave' of Java exploits hits users, says Microsoft: Microsoft said Monday that an "unprecedented wave" of attacks are exploiting vulnerabilities in Oracle's Java software. According to [Holly Stewart,] a manager at Microsoft's Malware Protection Center (MMPC), attempts to exploit Java bugs have skyrocketed in the past nine months, climbing from less than half a million in the first quarter of 2010 to more than 6 million in the third quarter. ... Stewart noted that the bulk of the attacks in the quarter that ended Sept.
30 were exploiting just three Java vulnerabilities, all of which had been patched months or even years ago. ... Stewart had a theory why the massive increase in attacks went unnoticed, basing it on what she claimed was "Java blindness" on the part of vendors that produce and sell intrusion-detection and -prevention software. ... Microsoft's Stewart urged users to update Java by applying all available patches. [Date: 18 October 2010; Source: http://www.computerworld.com/s/article/9191640/]
Security problems in media players: Vulnerabilities in the Winamp and RealPlayer media players reportedly allow malicious code to be injected and executed on Windows PCs via specially crafted media files. Simply accessing a compromised web page could, under certain circumstances, be enough to fall victim to an attack. RealPlayer contains a total of seven holes across its various versions. Updating to versions SP
1.1.5, 4.0 Beta, RealPlayer Enterprise 2.1.3, Mac RealPlayer 11.0 - 12.0 or Linux RealPlayer 11.0.2.174 addresses the problems. Winamp's code for processing .mkv and .mtm files contains two vulnerabilities which can reportedly be exploited to compromise systems. The affected version is Winamp 5.581, but previous versions are also likely to be vulnerable. No update has so far become available. While the programmer who discovered the Winamp holes had originally reported two further holes, these holes could not be reproduced. [Date: 18 October 2010; Source: http://www.h-online.com/security/news/item/Security- problems-in-media-players-1109782.html]
No comments:
Post a Comment