UPDATE: Apple just released Java for OS X 2012-001 and Java for Mac OS X 10.6 Update 7, which addresses this vulnerability. You can download the new versions fromhttp://www.apple.com/support/downloads. More information about the release notes athttp://www.oracle.com/technetwork/java/javase/releasenotes-136954.html
If you own a MacOS computer, you might want to disable java for a while until Oracle develops a patch to solve CVE-2012-0507vulnerability, because there is a Blackhole Exploit Kit version in the wild exploiting this vulnerability and it also can be exploited using metasploit.
If you want to disable java plugins in your MacOS computer, Marcus J. Carey created a video showing how to do it.
More information about this issue at https://www.f-secure.com/weblog/archives/00002341.html
Manuel Humberto Santander Peláez
SANS Internet Storm Center - Handler
Twitter: @manuelsantander
Web:http://manuel.santander.name
e-mail:msantand at isc dot sans dot org
SANS Internet Storm Center - Handler
Twitter: @manuelsantander
Web:http://manuel.santander.name
e-mail:msantand at isc dot sans dot org
Žádné komentáře:
Okomentovat