Feeds

Java and Flash fixes tax system security

More updates on the patch bandwagon

Top 5 reasons to deploy VMware with Tegile

Sys admins hoping to put their feet up after Microsoft's monthly update, which went far from smoothly, faced the problem of pushing out Java and Flash security updates issued at the tail end of last week.

Users are susceptible to hacking attacks just by viewing a web page that contains malicious Flash or Java content, as a result of multiple vulnerabilities in the packages. Fortunately, Adobe and Sun have both issued security updates designed to guard against possible attack.

A buffer overflow vulnerability in the image parsing code in the Java Runtime Environment means untrusted applets or applications could grant themselves permission to read and write local files. A separate system crashing vulnerability means users need to upgrade to JRE 5 Update 12 or JRE 6 Update 2. The issue, which also means developers need to upgrade Java Development Kit software, is explained in greater depth in Sun's advisory here.

Various versions of Adobe Flash Player are also subject to buffer overflow flaws, which likewise allow hackers to inject hostile code onto vulnerable systems. Users need to update to version 9.0.47.0, as explained here.

Although neither vulnerability has been packaged as a script-kiddie friendly exploit as yet, users and sys admins are urged to apply updates sooner rather than later. ®

Beginner's guide to SSL certificates

Whitepapers

Go beyond APM with real-time IT operations analytics
How IT operations teams can harness the wealth of wire data already flowing through their environment for real-time operational intelligence.
5 critical considerations for enterprise cloud backup
Key considerations when evaluating cloud backup solutions to ensure adequate protection security and availability of enterprise data.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Simplify SSL certificate management across the enterprise
Simple steps to take control of SSL across the enterprise, and recommendations for a management platform for full visibility and single-point of control for these Certificates.