Posted on 03-01-2013 08:27 AM
http://blog.fireeye.com/research/2013/02/yaj0-yet-another-java-zero-day-2.html
detected a brand new Java zero-day vulnerability that was used to attack multiple customers. Specifically, we observed successful exploitation against browsers that have Java v1.6 Update 41 and Java v1.7 Update 15 installed.
Posted on 03-01-2013 08:51 AM
sigh
Posted on 03-01-2013 10:37 AM
well, apple hasn't blacklisted the 6_41 version yet:http://configuration.apple.com/configurations/macosx/xprotect/3/clientConfiguration.plist
Posted on 03-01-2013 10:44 AM
They're probably not willing to incur that backlash again after the last time they jumped the gun on the blacklisting.
Posted on 03-01-2013 10:46 AM
LOLOL...
RT "@hammen: After the last month, earned 2 more IT certs: "Certified Flash Update Deployment" (CFUD) and "Certified Java Update Deployment" (CJUD)"
Posted on 03-01-2013 10:50 AM
@donmontalvo-Hahaha! I seriously need to put that onto my resume. I think we all should. Never know, it could prove handy in our next gigs! :D
Posted on 03-04-2013 06:11 AM
If only we could leverage xprotect!
EDIT: discussed and answered inhttps://jamfnation.jamfsoftware.com/discussion.html?id=6696
