Emergency Threat Content Release

By 
Jan 11, 2013
1 minutes
3 views
Threat Advisories - Advisories
Threat Advisory/Analysis
java
malware
threat prevention
vulnerability exploit

Today Palo Alto Networks has released an emergency content release (version 349) that addresses critical new vulnerabilities in Java JRE as well as Adobe Reader. Exploits of the Java vulnerabilities have been observed in the wild in exploit kits such as Blackhole, which are key enablers of drive-by-downloads of malware.

In addition to applying the content release, it is recommended that customers consider the following controls and safeguards:

  • Tightly control the movement of .JAR files, especially from the Internet. JAR files are used to deliver the malware from these drive-by-downloads, and policies should ensure that JAR files are only accepted from internal or highly trusted sources, and only allowed to Java-enabled systems that have a need for JAR files. Furthermore consider blocking JAR files in unknown traffic or from high-risk or unknown URL categories.
  • Disable Java in web-browsers for end-users who don’t have a requirement for Java. Users who have a need for Java should consider dedicating a browser for Java-enabled uses, and a non-Java-enabled browser for use on the Internet.

Related Blogs

Our library of online content is here to help you learn more, no matter what format you prefer or which topic interests you most.

Secure the Enterprise

8 Tips for Surviving Black Hat and Other Hostile Networks

Playbook of the Week, Uncategorized

Playbook of the Week: Using YARA to Automate Malware Identification and Classification in XSOAR

Next-Generation Firewalls

Always Innovating: User Experience, Threat Coverage and Management

Must-Read Articles, Use-Cases

Battling macOS Malware with Cortex AI

Announcement, Announcement, Cloud Native Security Platform, Cloud Workload Protection, Products and Services

Agentless Workload Scanning Gets Supercharged with Malware Scanning

Must-Read Articles, News and Events

Barracuda Networks Has a Predator that Can’t be Patched

Subscribe to the Newsletter!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.

Get the latest news, invites to events, and threat alerts

Popular Resources

Legal Notices

Popular Links