#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Insider Risk Management

java update | Breaking Cybersecurity News | The Hacker News

Oracle Issues Emergency Java Update for Windows

Oracle Issues Emergency Java Update for Windows

Feb 08, 2016
The US-based software maker Oracle delivered an unusual out-of-box emergency patch for Java in an effort to fix a during-installation flaw on the Windows platforms. The successful exploitation of the critical vulnerability, assigned CVE-2016-0603 , could allow an attacker to trick an unsuspecting user into visiting a malicious website and downloading files to the victim's system before installing Java 6, 7 or 8. Although the vulnerability is considered relatively complex to exploit, a successful attack results in " complete compromise " of the target's machine. What You Need to Know About the Java Exploit The successful attack requires an attacker to trick a suitably unskilled user for opening a Java release even though the user is nowhere near the Java Website. Since the existence of the loophole is only during the installation process, users are not required to upgrade their existing Java installations in order to address the vulnerability.
Update Your Java to Patch 20 Vulnerabilities Or Just Disable it

Update Your Java to Patch 20 Vulnerabilities Or Just Disable it

Jul 16, 2014
Today, Oracle has released its quarterly Critical Patch Update (CPU) for the month of July, as part of its monthly security bulletin, in which it fixes a total of 113 new security vulnerabilities for hundreds of the company's products. The security update for Oracle's popular browser plug-in Java addresses 20 vulnerabilities in the software, all of which are remotely exploitable without authentication, that means an attacker wouldn't need a username and password to exploit them over a network. MOST CRITICAL ONE TO PATCH FIRST Oracle uses the Common Vulnerability Scoring System (CVSS) to provide an open and standardized rating of the security holes it finds in its products. One or more of the Java vulnerabilities received the most "critical" rating according to Oracle's Common Vulnerability Scoring System (CVSS), i.e. base score of 10 or near. Although, numerous other Oracle products and software components addressed in the latest security updates, which address
Oracle releases Critical Update to Patch 104 Vulnerabilities

Oracle releases Critical Update to Patch 104 Vulnerabilities

Apr 16, 2014
It's time to update your Java program as Oracle has released its massive patch package for multiple security vulnerabilities. The United States software maker Oracle releases its security updates every three months, which it referred to as " Critical Patch Updates " (CPU). Yesterday, Oracle released its second CPU-date of this year providing important updates that include a total of 104 vulnerabilities, the company has announced . From the overall vulnerabilities, 37 security vulnerabilities impact Java SE and several of these flaws are so serious that it can be remotely exploited by a malicious malware to gain system access and execute arbitrary code with the privileges of a local user. Successful exploitation also allows an attacker to manipulate certain local data on a system and can cause a DoS attack without the need of authentication credentials, which means the flaws can be exploited over a network without the need for a username and password to crashin
cyber security

Guide: Secure Your Privileged Access with Our Expert-Approved Template

websiteDelineaIT Security / Access Control Security
Transform your Privileged Access Management with our Policy Template—over 40 expertly crafted statements to elevate compliance and streamline your security.
New Guide: How to Scale Your vCISO Services Profitably

New Guide: How to Scale Your vCISO Services Profitably

May 09, 2024vCISO / Regulatory Compliance
Cybersecurity and compliance guidance are in high demand among SMEs. However, many of them cannot afford to hire a full-time CISO. A  v CISO can answer this need by offering on-demand access to top-tier cybersecurity expertise. This is also an opportunity for MSPs and MSSPs to grow their business and bottom line. MSPs and MSSPs that expand their offerings and provide vCISO services will cater to SME requirements and concerns. By answering this market gap, they can grow their customer base as well as upsell to existing clients. This will lead to recurring revenue and increased profitability. Developing and scaling vCISO services requires a well-thought-out plan. This will help guide you through the required processes, anticipate and overcome challenges and optimize resource use. To aid you, we introduce a comprehensive and actionable  guide: "How to Scale Your vCISO Services Profitably" . The guide was developed based on the experience of industry leader  Cynom i, who has helped hun
Expert Insights
Cybersecurity Resources