Java Vulnerability – WindowsTechs.com

Log4Shell Vulnerability Risks for OT Environments — and How You Can Better Protect Against Them

Posted on December 18, 2021 by Dereck Stubbs

You’d have to look far and wide to find an IT professional who isn’t aware of (and probably responding to) the Log4Shell vulnerability. The Operational Technology (OT) sector is no exception, yet the exact exposure the vulnerability poses to OT technology is yet to be fully uncovered. The vulnerability was first made public earlier this […]

The post Log4Shell Vulnerability Risks for OT Environments — and How You Can Better Protect Against Them appeared first on Security Intelligence.

Continue reading Log4Shell Vulnerability Risks for OT Environments — and How You Can Better Protect Against Them→

How Log4j Vulnerability Could Impact You

Posted on December 11, 2021 by Nick Rossmann

If you hadn’t heard of Apache Log4j, chances are it’s on your radar now. In fact, you may have been using it for years. Log4j is a logging library. Imagine writing your daily activities into a notebook. That notebook is Log4j. Developers and programmers use it to take notes about what’s happening on applications and […]

The post How Log4j Vulnerability Could Impact You appeared first on Security Intelligence.

Continue reading How Log4j Vulnerability Could Impact You→

Remote Execution Flaw Threatens Apps Built Using Spring Framework — Patch Now

Posted on April 6, 2018 by Swati Khandelwal

Security researchers have discovered three vulnerabilities in the Spring Development Framework, one of which is a critical remote code execution flaw that could allow remote attackers to execute arbitrary code against applications built with it.

Sprin… Continue reading Remote Execution Flaw Threatens Apps Built Using Spring Framework — Patch Now→

Google Employees Help Thousands Of Open Source Projects Patch Critical ‘Mad Gadget Bug’

Posted on March 2, 2017 by Swati Khandelwal

Last year Google employees took an initiative to help thousands of Open Source Projects patch a critical remote code execution vulnerability in a widely used Apache Commons Collections (ACC) library.

Dubbed Operation Rosehub, the initiative was volunt… Continue reading Google Employees Help Thousands Of Open Source Projects Patch Critical ‘Mad Gadget Bug’→

Broken 2013 Java Patch Leads to Sandbox Bypass

Posted on March 14, 2016 by Michael Mimoso

A patch for a critical 2013 Java vulnerability is incomplete, and exposes Java servers and clients to a sandbox bypass, researchers at Security Explorations of Poland said. Continue reading Broken 2013 Java Patch Leads to Sandbox Bypass→