In response to the latest string of hacks against high-profile firms like Apple, Facebook, Twitter, Microsoft and others, Oracle has finally launched an emergency patch that, according to the multinational technology company, should be effective against hackers. Oracle had to take action because anonymous hackers recently breached the systems of several high-profile companies in the US by taking advantage of two vulnerabilities in Java running in Web browsers.
Oracle noted in a security alert on Monday, March 4th that “These vulnerabilities may be remotely exploitable without authentication, i.e., they may be exploited over a network without the need for a username and password. For an exploit to be successful, an unsuspecting user running an affected release in a browser must visit a malicious web page that leverages these vulnerabilities. Successful exploits can impact the availability, integrity, and confidentiality of the user’s system.”
It has been determined that hackers were using one of the two vulnerabilities to access users' computers in order to install McRAT malware on the machines. Once McRAT is installed on a computer, it contacts command-and-control servers and then copies itself into all files of Windows-based systems.
According to Cnet, “Only days after scheduling its last zero-day vulnerability in February, Oracle found these two new exploits.” In spite of this, the technology corporation did not wait until its listed quarterly update in April to release the emergency patch, and issued it on February 4th instead.
The software security assurance director of Oracle, Eric Maurice, stated in his February 4th blog post that, “In order to help maintain the security posture of all Java SE users, Oracle decided to release a fix for this vulnerability and another closely related bug as soon as possible.”
The last few months have been quite tough for Oracle. During that period, several companies that use browsers with the Java plug-in have claimed that hackers were able to infiltrate their systems by exploiting a vulnerability in the plug-in. As a result, Apple eventually blocked Java on some of its Mac systems. In addition, the U.S. Department of Homeland Security declared back in January that PC users should turn off Java in their browsers because of vulnerability issues.
Cnet also reported that Oracle has made it known that, “the most recent vulnerabilities are only applicable to Java running in Web browsers — they don’t affect Java running on servers, standalone Java desktop applications, or embedded Java applications. They also do not affect Oracle server-based software.
Users can install and update their Java software by going to the Java Web site or through the Java auto update.”
Source: Cnet