123 Simples News

Software & Security

123 Simples News > Software & Security

Java Security Alert for CVE-2013-0422

18 January 2013 - Posted by Doug, in Software & Security

You may have recently seen some of the extensive news coverage, including statements from the United States Department of Homeland Security, regarding a vulnerability in Java. Java is both a language and a platform to run websites and programs used by many computer users, both on the PC and Mac operating systems. This vulnerability leaves millions of computers open to malware attacks and can lure online traffic to virus-infected websites.

This Security Alert addresses security issues CVE-2013-0422 (US-CERT Alert TA13-010A - Oracle Java 7 Security Manager Bypass Vulnerability) and another vulnerability affecting Java running in web browsers. These vulnerabilities are not applicable to Java running on servers, standalone Java desktop applications or embedded Java applications. They also do not affect Oracle server-based software.

The fixes in this Alert include a change to the default Java Security Level setting from "Medium" to "High". With the "High" setting, the user is always prompted before any unsigned Java applet or Java Web Start application is run.

These vulnerabilities may be remotely exploitable without authentication, i.e., they may be exploited over a network without the need for a username and password. To be successfully exploited, an unsuspecting user running an affected release in a browser will need to visit a malicious web page that leverages these vulnerabilities. Successful exploits can impact the availability, integrity, and confidentiality of the user's system.

Due to the severity of these vulnerabilities, the public disclosure of technical details and the reported exploitation of CVE-2013-0422 "in the wild," Oracle strongly recommends that customers apply the updates provided by this Security Alert as soon as possible.

Here is how you can check your installation of Java if using Windows 7:

Go to the Start Globe (lower left corner)
Choose Control Panel
Depending on how you may have your control panel setup you can find Java by -

View by Category > Programs > Java
View by Small Icons > Java

Left click on Java and then choose the Update Tab

On the update tab choose Update Now

The program will check to see if Java is up to date, and if not, it will download the latest version of Java.

When (or if it does need updating) then unless you want the free toolbar from Ask (which the install will suggest you have), then simply untick the box asking you to install the Ask Toolbar

Complete the installation, and you should be good to go and all updated.
View Comments 0 Comments
Share Post   

Protecting Hotmail Accounts

04 February 2012 - Posted by 123 Simples, in Software & Security

We have recently become aware that some users and friends who have hotmail email accounts have been subject to recent hacking issues. Once your hotmail account has been hacked, the persons responsible are then using your email account to send spam messages to your contact list. Sometimes they are also sending links within these messages designed to compromise the recipients computer if they are clicked on.

We strongly advise any one using Hotmail to make sure that they follow these sensible guidelines. Remember, if someone has hacked your email account, they now will have access to all your contact list and private emails or information. This should not be taken lightly and you should act quickly to restore a compromised hotmail account without delay.

Securing your account with a good password:
  1. Make sure you choose a good strong password for your email account. Make it at least 8 characters long
  2. Don't use your real name, username or a company name
  3. Include a combination of uppercase and lowercase letters, numbers and symbols
  4. Don't use the SAME password for multiple accounts. If a hacker gets in using a password, the chances are they will try the same password on other accounts belonging to you.
Keeping your computer safe and secure:
  1. Sometimes accounts can be hacked because you have not installed a good protective antivirus software. There are free and paid for alternatives available. Some free choices are:
    AVG Free
    Avast Free

    Paid for alternatives - Links go to Amazon Home Shopping
    Norton Internet Security
    Kaspersky Internet Security
If you account has been hacked, then go directly to Windows Hotmail and either try logging in using your username and password. If you can access your account, then go to password reset
View Comments 0 Comments
Share Post