Updates? I’ll pass thank you, my computer works just fine.

It’s not only what you don’t know that kills you but also what you do know that ain’t so.

While your computer may seem to be running just fine you may have several applications that are vulnerable to attack and can lead to your computer being compromised.

Java is used by a number of legitimate web sites for delivering content from the web through your browser. Unfortunately, the bad guys have become pretty good at finding exploitable weaknesses in Java, allowing them to take control and push all kinds of nasty stuff onto your computer.

An example of this is Java vulnerability CVE-2010-4452. It exploits a design flaw in the Java class loader to execute an unsigned Java applet with local user rights. This exploit is currently being used to push Fake AV software onto unsuspecting users.

The good news here is update 24 fixed this weakness in February of 2011. The bad news is if you’re not keeping up with your updates, you are still exposed. And for those keeping score, the current Java update level is 26.

The criminals are taking advantage of users being lazy about fixing security holes. Where do you stand with your updates?


About securitysnapshot

Security Snapshot LLC is a computer and information security company helping concerned business owners protect their reputation and their client's private and personal information.
This entry was posted in Current Threat, Fake AV, Java, Software Patches. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s