It appears that Java is still vulnerable to exploit after the latest patch from Oracle.
Disabling Java completely probably isn’t possible for many of you, so I suggest you at least use a good web gateway/network IPS/NGFW that filters for malware, and something cloud or VPN based to protect mobile users. Events like this are why I’m so interested (and have been for a long time) in browser virtualization technologies (Bromium, Invincea, anyone else?).
This isn’t going to end any time soon.
Comments