Java update

Sun has released Update 8 for Java Runtime Environment 5.0. This is an extremely important update.

JRE has long been used to install malware as it contains numerous vulnerabilities which allow remote code execution. Another important factor is that JRE works with all web browsers. This means that a vulnerability in JRE will affect all browsers.

In my mind the most serious issue in JRE has finally been fixed. The problem with previous JRE releases was that they didn’t prevent a Java applet from calling earlier JRE versions. As previous JRE versions aren’t uninstalled automatically this creates a very dangerous situation. If machines have the latest version of JRE, but older versions haven’t been manually uninstalled the machines are still vulnerable.

So install the latest update ASAP. Either go to the website or update the program via the control panel.

There have been reports in the past that the updater in the Java Control Panel will say that the latest version is present, even though it’s not. So double check that you have the latest version or go to the website.

P.S. If you uninstall all the older versions you’ll probably free up quite a lot of space on your hard disk.

Java update

Your email address will not be published.



Andariel deploys DTrack and Maui ransomware

Earlier, the CISA published an alert related to a Stairwell report, “Maui Ransomware.” Our data should openly help solidify the attribution of the Maui ransomware incident to the Korean-speaking APT Andariel, also known as Silent Chollima and Stonefly.

APT trends report Q2 2022

This is our latest summary of advanced persistent threat (APT) activity, focusing on events that we observed during Q2 2022.

Subscribe to our weekly e-mails

The hottest research right in your inbox