In reponse to the recent critical exploit in the Java Runtime Environment (JRE), Tech Guru has rolled out several security updates for its clients to limit the effects of the exploit on Tech Guru’s networks.
The Java exploit requires a user to visit a “poisoned page” that contains specifically crafted Java code. The target computer can then be convinced to run malicious code without warning, allowing remote code execution.
Protection Tech Guru has employed includes the Oracle update for the specific exploit that has prompted the media coverage (Java 7 Update 11 in CVE-2013-0422), as well as scheduling the deployment of a Microsoft Critical security update tonight to address a similar vulnerability in Internet Explorer (see Advance Notification).
To see if you are at risk of being affected by this Java exploit, please visit the following site: https://browserscan.rapid7.com/scanme. If you have any concerns about the safety of your network, we recommend you contact your IT provider as soon as possible.
Because of this and other vulnerabilities, as well as becoming the most frequent target of malicious attacks, the Department of Homeland Security Office of Cybersecurity and Communications has recommended disabling Java wherever possible (VU#625617).
It is recommended you do not visit unknown websites, and that you carefully read all security pop-ups when running active content. If you notice any unexpected Java prompts or suspicious behavior on your network, you should immediately notify your IT provider. Tech Guru is here to help if you need us.
Dan Moshe helps business owners in the Minneapolis area with all things tech, and is the CEO of the Caring IT company Tech Guru. He cares about your business as much as you do!