Sun recently released (another) update for Java 1.5.0, Update 11. There are a bunch of bug fixes and I didn’t see anything serious related to security.
However, it is worth noting that this update contains time zone data that incorporates Day Light Saving changes for 2007 (we wrote about this previously, http://isc.sans.org/diary.html?storyid=2142, but will use another opportunity to remind you about the changes).
Java update should be available automatically now as well – just remember to remove the old update revisions if you don’t need them any more (after you’ve thoroughly tested all your applications, of course).
McAfee published information about a new 0-day exploit for Word. They’ve notified Microsoft and it looks like the vulnerability is limited to Denial of Service. We’ve updated the list of 0-days in Microsoft products which you can find here: http://isc.sans.org/diary.html?storyid=1940.I will be teaching next: Web App Penetration Testing and Ethical Hacking - SANS Brussels February 2020
Feb 13th 2007
1 decade ago