Showing posts with label zero-day vulnerabilities. Show all posts
Showing posts with label zero-day vulnerabilities. Show all posts

Wednesday, March 6, 2013

Emergency patch zero-day vulnerabilities in Java


Oracle has released an emergency patch zero-day vulnerabilities in Java


The company violated the second time release schedule updates, due to frequent hacking attacks.

On Monday, March 4, Oracle has introduced an unscheduled update Java 7 Update 17 and Java 6 Update 43 to fix two critical vulnerabilities in Java, one of which hackers use to carry out targeted attacks.

Exploits CVE-2013-1493 and CVE-2013-0809, which exist because of errors in sub-component 2D, received from Oracle highest danger level (CVSS Score 10.0).

Vulnerability can be exploited remotely by unauthorized users. An attacker can execute arbitrary code on the target system.
Read more »
на No comments:
Ярлыки: , ,

Tuesday, February 19, 2013

New Zero-day vulnerabilities in Adobe PDF


Symantec Corp. has detected an Internet activity, operating new zero-day vulnerability (CVE-2013-0640, CVE-2013-0641) in products Adobe Reader and Adobe Acrobat XI and earlier.

Adobe has not yet released a patch for this vulnerability, but has issued recommendations to counter their attacks exploiting. Solution for virus protection at mail servers Symantec Mail Security provides protection against these attacks, preventing the download of malicious PDF-files.

Initially, the online community was based on the report on the new 0-day vulnerability, published by FireEye. It was reported that as a result of its successful operation on the computer have been downloaded more files. Symantec expert analysis confirms this possibility.
Read more »
на No comments:
Ярлыки: , ,

Monday, February 18, 2013

Adobe will release emergency updates for Reader


Emergency vulnerability will be released during the week


This week, Adobe plans to release emergency patch for two critical zero-day vulnerabilities in the program Adobe Reader. The notification producer reported that gap is already being used by fraudsters. The exact release fixes the company is not known, but it should happen before the end of the week.

The first vulnerability is contained in the version of Reader for Windows, OS X and Linux. The second hole for the remote execution of malicious code on the target system, which is embedded in a specially created PDF-files.
Read more »
на No comments:
Ярлыки: , ,
Subscribe to: Posts (Atom)