Simply patching your browser isn't enough to keep your JRE up to date, because the JRE is patched independently of the browser that launches it. Compounding the problem, most JREs don't remind the user to download security updates, unlike many other applications that often annoy users with frequent upgrade prompts. Thus, you need to devise a plan for distributing JRE patches regularly across your enterprise. Such patches are especially important for machines used to manage our critical infrastructures; many enterprise applications, security tools and network infrastructure devices and systems use Java-based GUIs. If an attacker compromises such systems, enterprise control could totally unravel. Patch these machines diligently, either manually (if there are a small number of them), or by using an automated patching tool, such as Microsoft's Systems Management Server (SMS) or Shavlik Technologies' NetChk Protect.
- Ed Skoudis explains how to develop patch management policies for the third-party applications in your enterprise.
- Is Java security getting worse? Joel Dubin weighs in on the debate.
Dig Deeper on Productivity apps and messaging security
Related Q&A from Ed Skoudis
Learn how social networking sites compound the insider threat risk, and explore how to mitigate the threat with policy, training and technology. Continue Reading
By viewing a page's HTML source code and writing malicious scripts to a drop-down list, hackers may be able to re-post the malicous page to the ... Continue Reading
Password cracking may be a hacker's specialty, but there are also many strategies to keep passwords secure. Continue Reading