Critical Java Update and a new Windows Vulnerability

Multiple security vulnerabilities have been found within the current Java runtime environments, both for client computers and for servers. These allow attackers to infect computers for example with a Trojan just by luring victims into visiting manipulated websites. Oracle now released updated software which users and administrators should install as soon as possible! Security holes in outdated Java versions get exploited very often on the Internet, thus updating minimizes the attack surface for cyber criminals.

In Windows operating systems – currently verified are Windows XP SP3 and Windows Server 2003 SP2 – a new security vulnerability has been found. It allows to take over a Windows PC which has network shares enabled. A patch has not been released yet. Especially in public places the firewall should be configured to block the TCP and UDP ports 137, 138, 139 and 445, respectively, or Windows file sharing should be disabled until a patch is available.

Dirk Knop
Technical Editor