Watch where you point those web browsers: Oracle's Java and Adobe's Flash are both subjects of new zero-day vulnerabilities. As Ars Technica reports, a hole in Java and two more Flash weaknesses have been unearthed as part of the Hacking Team data leak.
The Java hole may be the most troublesome. Anti-virus maker Trend Micro warns on its corporate blog that it has detected email messages exploiting the vulnerability addressed to both a NATO member and a US defense contractor. Trend Micro also notes that this marks the first zero-day attack against Java since 2013, and advises disabling Java until the security issue is patched by Oracle.
Ars also details two Flash vulnerabilities, which are unrelated to another Flash problem patched last Wednesday. These security holes are present in the current version of Flash on Windows, Mac, and Linux systems. At present, there's apparently no known attack that exploits these holes, but users should be cautious regardless. Adobe has published a security bulletin and plans to update the plugin this week.
|1. BIF - $340||2. Ryu Connor - $250||3. mbutrovich - $250|
|4. YetAnotherGeek2 - $200||5. End User - $150||6. Captain Ned - $100|
|7. Anonymous Gerbil - $100||8. Bill Door - $100||9. ericfulmer - $100|
|10. dkanter - $100|
|Valve details plans for Steam storefront update||26|
|EVGA's liquid-cooled GTX 1070 Hybrid card goes up for pre-order||11|
|Google Play Store doors are now open for a few Chrome OS devices||7|
|Updated Roku range starts cheaper and gets HDR-ready||8|
|In Win's 509 full-tower case can swallow massive mobos||12|
|Friday Night Shortbread||28|
|Doom's latest update adds Deathmatch and private matches||16|
|Rumor: Google to showcase mesh networking router soon||11|
|SolidRun MicroSoM offers Braswell CPUs on a tiny package||19|