大悲劇耶
| MozTW 討論區 https://forum.moztw.org/ |
|
| [2012/08/28] Java SE7 零時漏洞,建議暫時停用 Java。 https://forum.moztw.org/viewtopic.php?f=22&t=36005 |
第 1 頁 (共 1 頁) |
| 發表人: | 路人乙 [ 2012-08-29, 08:43 ] |
| 文章主題 : | [2012/08/28] Java SE7 零時漏洞,建議暫時停用 Java。 |
Java Zero-Day Attack Could Hit Enterprises Hard InformationWeek 寫: Calling all enterprises: disable Java in your browsers. 如果您的 Firefox 出現了奇怪的工具列,或首頁被綁架到「 hao123.com 」或「 http://www.360.cn 」,那表示您可能已經被安裝了惡意程式 "Dropper.MsPMs"。That warning has been sounded by numerous information security experts, following the discovery of an in-the-wild exploit that targets a zero-day vulnerability in Java, and for which no patch yet exists. "We have seen this unpatched exploit being used in limited targeted attacks. Most of the recent Java run-time environments i.e., JRE 1.7x are vulnerable," said Atif Mushtaq, senior staff scientist at FireEye Malware Intelligence Lab, which discovered the attack and identified the Java vulnerability it exploited. "[The] initial exploit is hosted on a domain named ok.XXX4.net. Currently this domain is resolving to an IP address in China," he said in a blog post. … 由於 Oracle 下次更新 Java 的預定日期在遙遠的 10 月 16 日,資安空窗期太長,因此專家建議最好先暫時關閉 Java,靜待 Oracle 的修正。 |
|
| 發表人: | taglife [ 2012-08-31, 14:50 ] |
| 文章主題 : | Re: [2012/08/28] Java SE7 零時漏洞,建議暫時停用 Java。 |
大悲劇耶
|
|
| 發表人: | 路人乙 [ 2012-08-31, 19:52 ] |
| 文章主題 : | Re: [2012/08/28] Java SE7 零時漏洞,建議暫時停用 Java。 |
taglife 寫: 大悲劇耶 剛剛史無前例地提前修補了: http://www.filehippo.com/download_jre/ |
|
| 發表人: | taglife [ 2012-08-31, 22:03 ] |
| 文章主題 : | Re: [2012/08/28] Java SE7 零時漏洞,建議暫時停用 Java。 |
路人乙 寫: taglife 寫: 大悲劇耶 剛剛史無前例地提前修補了: http://www.filehippo.com/download_jre/ 耶!漏洞應當趕緊修補的 
|
|
| 第 1 頁 (共 1 頁) | 所有顯示的時間為 UTC + 8 小時 |
| Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |
|