• Home
  • About 404TS
  • Contact

404 Tech Support

Where IT Help is Found

  • Articles
    • Code
    • Entertainment
    • Going Green
    • Hardware, Gadgets, and Products
    • Management
    • Network
    • News
    • Operating Systems
    • Security and Privacy
    • Software
    • System Administration
    • Talking Points
    • Tech Solutions
    • Web
    • Webmaster
  • Reviews
  • Media
    • Infographics
    • Videos
  • Tech Events
  • Tools
    • How do I find my IP address?
    • Browser and plugin tests
  • Get a Technical Consultation
You are here: Home / Articles / Security and Privacy / Microsoft, Adobe, and Java Security updates patch some doozies

Microsoft, Adobe, and Java Security updates patch some doozies

2012-06-13 by Jason

June’s Patch Tuesday is a little heavier than usual with Microsoft, Adobe, and Java all dogpiling on the poor sysadmins. Not only the quantity of the updates are concerning but the severity as well. Microsoft and Java are reporting zero-day attacks for the vulnerabilities they are patching.

Microsoft

Microsoft released seven updates to address 26 flaws in products like IE, Dynamics AX, Lync, and the .NET Framework. Three of those patches were marked critical – following up on the Windows Updates and WSUS patches related to Flame malware last week.

Additionally, a separate security advisory (2719615) was published yesterday regarding Microsoft XML Core Services warning of remote code execution and allowing the remote attacker to assume the same rights as the logged in user. Google discovered the vulnerability being actively exploited in the wild and reported it to Microsoft. There is no patch available for this zero-day though Microsoft does have a FixIt Solution that will disable the vulnerable component. This attack could be used against anybody that uses IE and visits a malicious or infected website. Windows XP through Windows 7 operating systems are reported vulnerable.

Java

Java published updated 6u33 and 7u5 yesterday. Addressing it as a critical patch update, Oracle stresses “the threat posed by a successful attack” and recommends applying the fixes as soon as possible.

  • Java 6u33 release notes
  • Oracle Java SE Critical Patch Update Advisory – June 2012

Apple, recently afflicted with the flashback malware that took advantage of out-of-date Java on Mac OS X, has also pushed out an updated Java for Mac OS X.

This update configures web browsers to not automatically run Java applets. Re-enable Java applets by clicking the region labeled “Inactive plug-in” on a webpage. If no applets have been run for an extended period of time, the Java web plug-in will deactivate.

This release updates Java SE 6 to version 1.6.0_33.

This release is only for Mac OS X v10.6.8 or later versions of Mac OS X v10.6.

Java for Mac OS X Lion 2012-004

Java for Mac OS X v10.6 Update 9

Adobe

Adobe released a security hotfix for ColdFusion 9.0.1 and earlier versions on Windows, Mac, and Unix.

This update resolves an HTTP response splitting vulnerability in the ColdFusion Component Browser (CVE-2012-2041).

This vulnerability could add or modify additional headers, which might cause unexpected behavior.

Adobe recommends users follow the hotfix instructions in the ColdFusion technote.

Filed Under: Security and Privacy

Trending

  • The growth of Magento for e-commerce
    In Infographics
  • Java 7u7 and 6u35 updates address prominent vulnerabilities
    In Security and Privacy, Software
  • Configure your Antivirus Correctly
    In Operating Systems, Security and Privacy, Software

Latest Media Posts

Find Out Where To Download SNES ROMs

Find Out Where To Download SNES ROMs

Multifunctional Video Conversion Tools – Wondershare Video Converter

Multifunctional Video Conversion Tools – Wondershare Video Converter

  • Popular
  • Latest
  • Today Week Month All
  • How to ‘Unblock’ multiple files at a time with PowerShell How to 'Unblock' multiple files at a time with PowerShell
  • Increase IIS Private Memory Limit to improve WSUS availability Increase IIS Private Memory Limit to improve WSUS availability
  • Read the Event Logs on Windows Server Core Read the Event Logs on Windows Server Core
  • SOLVED: “This modification is not allowed because the selection is locked.” SOLVED: "This modification is not allowed because the selection is locked."
  • Command line to take ownership and change permissions Command line to take ownership and change permissions
  • Making Distributed Software Development Work: Strategies and Best Practices for Managing Remote Teams Making Distributed Software Development Work: Strategies and Best Practices for Managing Remote Teams
  • customer contactless payment for drink with mobile phon at cafe counter bar,seller coffee shop accept payment by mobile.new normal lifestyle concept The Latest Innovations In Payment Technology
  • How Digital Technology Brought the Rise of the CMO   How Digital Technology Brought the Rise of the CMO  
  • How to Purchase Cryptocurrencies? How to Purchase Cryptocurrencies?
  • Top 6 necessary aspects to consider when hiring Angular developers Top 6 necessary aspects to consider when hiring Angular developers
Ajax spinner

Elevator Pitch

404 Tech Support documents solutions to IT problems, shares worthwhile software and websites, and reviews hardware, consumer electronics, and technology-related books.

Subscribe to 404TS articles by email.

Recent Posts

  • Making Distributed Software Development Work: Strategies and Best Practices for Managing Remote Teams
  • The Latest Innovations In Payment Technology
  • How Digital Technology Brought the Rise of the CMO  

Search

FTC Disclaimer

404TechSupport is an Amazon.com affiliate; when you click on an Amazon link from 404TS, the site gets a cut of the proceeds from whatever you buy. This site also uses Skimlinks for smart monetization of other affiliate links.
Use of this site requires displaying and viewing ads as they are presented.

Copyright © 2023 · Magazine Pro Theme on Genesis Framework · WordPress · Log in