12 Jan '13, 12am

#Java zero-day exploit and #Ruby on Rails vulnerability details, including protections, from @TrendLabs #security:

Clearly, this is a serious situation and people should take steps to protect themselves as best they can. People running Ruby on Rails should test and deploy the patches as soon as possible. Protecting yourself against the Java vulnerability is harder. While some have suggested disabling Java, that’s often not a realistic option due to it being a critical technology for business. The latest version of Java includes a security control that enables you to keep Java on the system but disable it in the browser: this may be a more viable option for some. Unfortunately, in some cases neither of these options will be viable. But we encourage people to evaluate these options and the risks we’ve outlined and make the best decision for their needs while planning to deploy the patch from Oracle as soon as possible when it is released.

Full article: http://blog.trendmicro.com/trendlabs-security-intelligenc...

Tweets

Concerned about #Java zero-day exploit and #Rub...

blog.trendmicro.com 11 Jan '13, 11pm

Clearly, this is a serious situation and people should take steps to protect themselves as best they can. People running R...

Security expert review on #Java zero-day exploi...

blog.trendmicro.com 11 Jan '13, 10pm

Clearly, this is a serious situation and people should take steps to protect themselves as best they can. People running R...

Java Zero-Day Exploit and Ruby on Rails Vulnera...

blog.trendmicro.com 11 Jan '13, 10pm

Clearly, this is a serious situation and people should take steps to protect themselves as best they can. People running R...

Do you really need to disable #Java? #zeroday #...

blog.trendmicro.com 11 Jan '13, 10pm

Clearly, this is a serious situation and people should take steps to protect themselves as best they can. People running R...

Concerned about #Java zero-day exploit and #Rub...

blog.trendmicro.com 14 Jan '13, 7pm

Clearly, this is a serious situation and people should take steps to protect themselves as best they can. People running R...

Java and Ruby on Rails vulnerabilities uncovered

networkedblogs.com 13 Jan '13, 10am

close Share Tweet Email Up Follow ITP.net

Exploit Code, Metasploit Module Out for Ruby on...

threatpost.com 10 Jan '13, 3pm

Just two days after the disclosure of a string of serious vulnerabilities in Ruby on Rails, researchers have released proo...

Bitcoins stolen with Ruby on Rails exploit

bitcointalk.org 13 Jan '13, 1pm

General discussion about the Bitcoin ecosystem that doesn't fit better elsewhere. News, the Bitcoin community, innovations...

.@appboy patches its servers after Ruby on Rail...

blog.appboy.com 11 Jan '13, 5pm

Earlier this week, a serious advisory was posted to the Ruby on Rails security discussion list . Unknown hacker groups had...

Ruby on Rails patches more critical vulnerabili...

infoworld.com 09 Jan '13, 12pm

Those using the Ruby on Rails Web application framework on their websites are being advised to update the software immedia...

Ruby on Rails security updates address SQL inje...

csoonline.com 13 Jan '13, 12am

January 03, 2013 — IDG News Service — The developers of Ruby on Rails, a popular Web application development framework for...

Exploit für Ruby on Rails im Umlauf

heise.de 10 Jan '13, 3pm

Für die am Mittwoch gemeldete, kritische Lücke in Ruby on Rails kursieren erste Exploits; es treffen auch bereits erste Be...

#Exploit Info - VRT reviewed #Ruby on Rails vul...

vrt-blog.snort.org 10 Jan '13, 7pm

on the Ruby on Rails Security group January 8th contained a few phrases that cause alarm when used together: "inject arbit...

Exploit Code for Ruby on Rails Flaw Likely on t...

threatpost.com 09 Jan '13, 4pm

The vulnerabilities patched Tuesday in the Ruby on Rails Web framework have security researchers warning of the potential ...

Ruby on Rails Vulnerabilities Discovered, Users Urged to Update Immediately

Ruby on Rails Vulnerabilities Discovered, Users...

thewhir.com 10 Jan '13, 4pm

A vulnerability discovered on the Ruby on Rails web application framework allows attackers to bypass authentication system...