11 Jan '13, 11pm

Concerned about #Java zero-day exploit and #Ruby on Rails vulnerability? We've got the details, including protections:

Clearly, this is a serious situation and people should take steps to protect themselves as best they can. People running Ruby on Rails should test and deploy the patches as soon as possible. Protecting yourself against the Java vulnerability is harder. While some have suggested disabling Java, that’s often not a realistic option due to it being a critical technology for business. The latest version of Java includes a security control that enables you to keep Java on the system but disable it in the browser: this may be a more viable option for some. Unfortunately, in some cases neither of these options will be viable. But we encourage people to evaluate these options and the risks we’ve outlined and make the best decision for their needs while planning to deploy the patch from Oracle as soon as possible when it is released.

Full article: http://blog.trendmicro.com/trendlabs-security-intelligenc...

Tweets

#Java zero-day exploit and #Ruby on Rails vulne...

blog.trendmicro.com 12 Jan '13, 12am

Clearly, this is a serious situation and people should take steps to protect themselves as best they can. People running R...

Security expert review on #Java zero-day exploi...

blog.trendmicro.com 11 Jan '13, 10pm

Clearly, this is a serious situation and people should take steps to protect themselves as best they can. People running R...

Java Zero-Day Exploit and Ruby on Rails Vulnera...

blog.trendmicro.com 11 Jan '13, 10pm

Clearly, this is a serious situation and people should take steps to protect themselves as best they can. People running R...

Do you really need to disable #Java? #zeroday #...

blog.trendmicro.com 11 Jan '13, 10pm

Clearly, this is a serious situation and people should take steps to protect themselves as best they can. People running R...

Concerned about #Java zero-day exploit and #Rub...

blog.trendmicro.com 14 Jan '13, 7pm

Clearly, this is a serious situation and people should take steps to protect themselves as best they can. People running R...

Java and Ruby on Rails vulnerabilities uncovered

networkedblogs.com 13 Jan '13, 10am

close Share Tweet Email Up Follow ITP.net

Exploit Code, Metasploit Module Out for Ruby on...

threatpost.com 10 Jan '13, 3pm

Just two days after the disclosure of a string of serious vulnerabilities in Ruby on Rails, researchers have released proo...

Exploit für Ruby on Rails im Umlauf

heise.de 10 Jan '13, 3pm

Für die am Mittwoch gemeldete, kritische Lücke in Ruby on Rails kursieren erste Exploits; es treffen auch bereits erste Be...

Bitcoins stolen with Ruby on Rails exploit

bitcointalk.org 13 Jan '13, 1pm

General discussion about the Bitcoin ecosystem that doesn't fit better elsewhere. News, the Bitcoin community, innovations...

.@appboy patches its servers after Ruby on Rail...

blog.appboy.com 11 Jan '13, 5pm

Earlier this week, a serious advisory was posted to the Ruby on Rails security discussion list . Unknown hacker groups had...

Dutch Govt Shuts Down Ruby on Rails Servers As ...

efytimes.com 11 Jan '13, 2pm

The Dutch government took the first step. It has shut down its system dubbed as DigiD, which allows users to access severa...

Ruby on Rails patches more critical vulnerabili...

infoworld.com 09 Jan '13, 12pm

Those using the Ruby on Rails Web application framework on their websites are being advised to update the software immedia...

#Exploit Info - VRT reviewed #Ruby on Rails vul...

vrt-blog.snort.org 10 Jan '13, 7pm

on the Ruby on Rails Security group January 8th contained a few phrases that cause alarm when used together: "inject arbit...

Exploit Code for Ruby on Rails Flaw Likely on t...

threatpost.com 09 Jan '13, 4pm

The vulnerabilities patched Tuesday in the Ruby on Rails Web framework have security researchers warning of the potential ...

Read @adamjodonnell's insights on the latest Ru...

blog.sourcefire.com 09 Jan '13, 8pm

A little under 24 hours ago two major, long-standing vulnerabilities were announced in the popular web programming framewo...