Java Zero-Day Exploit and Ruby on Rails Vulnerabilities | Trend Micro Security Intelligence Blog

#Java zero-day exploit and #Ruby on Rails vulnerability details, including protections, from @TrendLabs #security:

Clearly, this is a serious situation and people should take steps to protect themselves as best they can. People running Ruby on Rails should test and deploy the patches as soon as possible. Protecting yourself against the Java vulnerability is harder. While some have suggested disabling Java, that’s often not a realistic option due to it being a critical technology for business. The latest version of Java includes a security control that enables you to keep Java on the system but disable it in the browser: this may be a more viable option for some. Unfortunately, in some cases neither of these options will be viable. But we encourage people to evaluate these options and the risks we’ve outlined and make the best decision for their needs while planning to deploy the patch from Oracle as soon as possible when it is released.

Full article: http://blog.trendmicro.com/trendlabs-security-intelligenc...