- 01/02/2013 : Java SE 7 Update 14 and Java SE 6 Update 39 (50 security fixes)
- 07/02/2013 : APSB13-04 Security updates available for Adobe Flash Player
- 12/02/2013 : APSB13-05 Security updates available for Adobe Flash Player
- 12/02/2013 : APSB13-06 Security updates available for Adobe Shockwave Player
- 12/02/2013 : ms13-feb Microsoft Security Bulletin Summary for February 2013 (57 security fixes)
- 13/02/2013 : APSA13-02 Security advisory available for Adobe Reader and Acrobat
- 19/02/2013 : Java SE 7 Update 15 and Java SE 6 Update 41 (5 security fixes)
- 20/02/2013 : APSB13-07 Security updates available for Adobe Reader and Acrobat
- 26/02/2013 : APSB13-08 Security updates available for Adobe Flash Player
And a Polish security firm found yet other vulnerabilities in Java which have not been patched yet!
My recommendations about this are:
- Limit the execution of Java applets to a limited list trusted websites only, or better to disable Java applets altogether
- Auto-update as much as you can on the client side: Java, Flash, Chrome, Firefox, etc.
- Push Microsoft update very rapidly on workstations, preferably immediatly: The risk (likelihood and impact) of something breaking is lower than the cost of cleaning up the environment/reputation after a breach
Posts
No comments:
Post a Comment