Friday, March 8, 2013

4th Oracle Java Zero-Day,
New Adobe Flash & Reader Zero-Days
@ PWN2OWN CanSecWest 2013


Thank you to Sophos for keeping us up-to-date:

PWN2OWN results Day Two - Adobe Reader and Flash owned, Java felled yet again

Anyone surprised? If so, why? Comment below. ;-)

The Mantras:

1) Just Turn Java OFF. Only activate Java AFTER you have arrived at a trusted website, then reload the site. Be certain to Just Turn Java OFF Again, before you leave the trusted website. That is the only way to use Java and remain safe. Java is that dangerous, and Oracle doesn't give a rat's. We hate you Oracle!

2) Uninstall Adobe Reader and use anything else, such as Apple's provided Preview app. There is a plethora of alternatives, as listed in an earlier article.

3) Use a web browser click-to-Flash add-on/extension/plug-in, or just give up on this crap Adobe tech and uninstall it forever. There is a plethora of click-to-Flash add-ons, as listed in an earlier article. We hate you Adobe!

That's it for PWN2OWN 2013. What fun. (0_o)

See you soon with more Oracle & Adobe zero-day exploits, no doubt.


BTW: I've added a list of friends and faves in computer security over on the right side of the blog page. Look under 'friends of Mac-Security'. I hope you find the list useful!


No comments:

Post a Comment