SEPTEMBER 6, 2013
Your regular source of security updates from TrendLabsSM
In This Issue

Security Spotlight
Something Old, Something New: Zero-Day Exploit for Java 6 Spotted

Security for Home Users
Why It Pays to Patch Programs and Platforms

Security for Business
Dud or Dynamic? Vulnerability Shielding Against Exploits



Security for Business

Dud or Dynamic? Vulnerability Shielding Against Exploits

Vulnerability shielding or virtual patching protects you from related weaknesses by providing a temporary fix for a known bug.”



Maintaining physical, virtual, and cloud platforms is risky, as this introduces exploitable weak spots in IT environments. With the increase in the number of server-side exploits, how can you protect your business and embrace new IT structures without compromising company efficiency?

Java-Related Exploits on the Rise

Java is widely used in various programs and runs on different platforms, making it appealing to enterprise-grade application programmers and cybercriminals alike. In August 2013, two attacks that abused inherent flaws in the native layer of Java surfaced. This urged businesses to practice safer use of the software.

In addition, active exploits for an unpatched vulnerability in Java 6 are prompting businesses to get the latest version of the application so they can become immune to possible attacks. A sample attack scenario is when ransomware is downloaded onto an exploited computer. Ransomware lock the data stored on the vulnerable computer and require its owner to pay a fee so he can access it.

How Vulnerability Shielding Works

Reported vulnerabilities can be easily fixed once software vendors provide appropriate patches. It usually takes a while for them though to make a patch available after a vulnerability’s discovery. Cybercriminals take advantage of this window of exposure to abuse weaknesses spotted in target computers.

Vulnerability shielding or virtual patching protects you during this period of weakness by providing a temporary fix for a known bug. Without consuming much IT resources and causing lags in operations, it secures your business while you wait for the actual patch to be released and deployed across your network. Equally important, vulnerability shielding provides adaptive protection that is compatible with virtualized and cloud-based systems.

Copyright ©2013 Trend Micro Incorporated. All rights reserved. Trend Micro and the Trend Micro t-ball logo are trademarks or registered trademarks of Trend Micro Incorporated. All other company and/or product names may be trademarks or registered trademarks of their respective owners. The information contained in this document is subject to change without prior notice.

www.trendmicro.com

  CONNECT WITH US ON: