Multiple security vulnerabilities have been found within the current Java runtime environments, both for client computers and for servers. These allow attackers to infect computers for example with a Trojan just by luring victims into visiting manipulated websites. Oracle now released updated software which users and administrators should install as soon as possible! Security holes in outdated Java versions get exploited very often on the Internet, thus updating minimizes the attack surface for cyber criminals.
In Windows operating systems – currently verified are Windows XP SP3 and Windows Server 2003 SP2 – a new security vulnerability has been found. It allows to take over a Windows PC which has network shares enabled. A patch has not been released yet. Especially in public places the firewall should be configured to block the TCP and UDP ports 138, 139 and 445, respectively, or Windows file sharing should be disabled until a patch is available.
Dirk Knop
Technical Editor
Related Posts
- Update: 40 Windows apps contain critical bug, says researcher
About 40 different Windows applications contain a critical flaw that can be used by attackers to hijack PCs and infect them with malware, a security researcher said.
View full post on Computerworld... - Microsoft ‘working’ on patch for critical Windows vulnerability
Microsoft is now working on a patch to prevent exploits of a newly discovered vulnerability that affects all versions of Windows.
View full post on Network World on Security... - iTunes Update Fixes Critical Vulnerability
A single critical vulnerability in the Windows version of iTunes 9.2 is fixed in the just-released version 9.2.1.
The vulnerability, reported to Apple by Clint Ruoho of Laconic Security, is ... - Update on the Windows Help and Support Center Vulnerability (CVE-2010-1885)
Just a quick post here to provide an update on the attack attempts related to the Help and Support Center vulnerability and to stress the importance of applying the critical update made available toda... - Update: Microsoft Looking Into Critical XP, Windows 2000 Bug
Microsoft has announced on Twitter that they are investigating reports of a critical bug in mfc42.dll affecting Windows 2000 and Windows XP.
View full post on PCMag.com Security Coverage... - Adobe updates Reader and Acrobat
A little earlier as announced, Adobe released updated versions of Adobe Acrobat and Reader. These programs were vulnerable to the Flash Player zero-day-vulnerability as well, which was fixed last week... - Flash Player Update available
Just a short notice on the now available Adobe Flash Player Update: Version 10.2.159.1 has been released which fixes the critical security vulnerability which allow attackers to infect computers with ... - Microsoft Windows SMB “mrxsmb.sys” Remote Heap Overflow Vulnerability
Technical Description
A vulnerability has been identified in Microsoft Windows, which could be exploited by remote attackers or malicious users to cause a denial of service or take complete control o... - Windows Phone 7 update bricks some handsets – Microsoft in security middle ground
Microsoft tried to push an update to their newly released Windows Phone 7 this week and accidentally bricked some Samsung-branded handsets.
Microsoft has since pulled the update, but only for the Sams... - Windows 0-day SMB mrxsmb.dll vulnerability, (Wed, Feb 16th)
A new vulnerability has been discovered exploiting SMBcomponent of Windows. The attack involves sending of malformed Browser Election requests leading the heap overflow within the mrxsmb.dll driver.Th...
Posted on 17 February 2011. Tags: critical, Java, Update, Vulnerability, Windows
The above information is reprinted from and copyrighted © by Avira.
