Oracle Releases Another Java Critical Patch Update – U.S. Computer Emergency Readiness Team Issues Warning

Written by: admin Date of published: . Posted in test

Oracle has issued a critical patch update for Java to, yet again, fix vulnerabilities in the much-plagued platform.

Although originally set for release Feb. 19, Oracle released the new patch two-and-a-half weeks early due to “active exploitation in the wild of one of the vulnerabilities affecting the Java Runtime Environment (JRE) in desktop browsers.”

According to the U.S. Computer Emergency Readiness Team, any system using Oracle Java 7 (1.7, 1.7.0) including Java Platform Standard Edition 7, Java SE Development Kit or Java SE Runtime Environment are affected.

“All versions of Java 7 before Update 13 are affected,” reads the US-CERT website. “Web browsers using the Java 7 plug-in are at high risk. Multiple vulnerabilities in Java 7 could allow an attacker to execute arbitrary code on a vulnerable system. Reports indicate that at least one of these vulnerabilities is being actively exploited.”

The patch address 50 different issues, 44 of which pertain to the Java Runtime Environment in web browsers, Oracle says. In other words, these vulnerabilities can only be exploited on desktops through Java Web Start applications or Java applets.

“After receiving reports of a vulnerability in the Java Runtime Environment (JRE) in desktop browsers,” writes Software Security Assurance Director Eric Maurice in a blog post.

“Oracle quickly confirmed these reports, and then proceeded with accelerating normal release testing around the upcoming Critical Patch Update distribution, which already contained a fix for the issue.”

One of the vulnerabilities affects the installation process of client deployment of Java  — for example installation of the Java Runtime Environment on desktops.

Also fixed with the new patch are three security issues that apply to client and server deployment of Java.

“That means that these vulnerabilities can be exploited on desktops through Java Web Start and Java applets in Browser, or in servers, by supplying malicious input to APIs in the vulnerable server components,” writes Maurice.  “In some instances, the exploitation scenario of this kind of bugs on servers is very improbable; for example, one of these vulnerabilities can only be exploited against a server in the unlikely scenario that the server was allowed to process image files from an untrusted source.”

Another two vulnerabilities fixed with the patch affected server deployment of the Java Secure Socket Extension (JSSE).

“The maximum CVSS Base Score for the vulnerabilities fixed in this Critical Patch Update is 10.0,” Maurice adds. “This score affects 26 vulnerabilities: 23 of which are client-side vulnerabilities, and 3 applicable to client and server deployments.”

In a bid to lessen the threat of malicious applets, Oracle has set its Java security settings to “high” by default.

Java was plagued by similar problems last month that left Oracle scrambling to fix the platform’s vulnerabilities.

The U.S. Computer Emergency Readiness Team, under Homeland Security, issued a warning at the time urging Java users to disable the program.

“Unless it is absolutely necessary to run Java in web browsers, disable it as described below, even after updating to 7u11,” the U.S. Computer Emergency Readiness Team’s (CERT) website read. “This will help mitigate other Java vulnerabilities that may be discovered in the future.”


Post from: SiteProNews: Webmaster News & Resources

Oracle Releases Another Java Critical Patch Update

HTC Net Profits Plunge 91 Percent in 2012’s 4Q – Company Predicting Sluggish 1Q this year

Written by: admin Date of published: . Posted in test

It was bad news and more bad news from HTC today.

The Taiwanese company disappointed analysts as it posted a much lower than expected net profit — $34.4 million — for its 2012 fourth quarter. Analysts had predicted a profit of $50.6 million.

HTC’s net profit has plummeted 91 percent since the fourth quarter of 2011 when the company brought in $379.5 million.

The Taiwanese Smartphone maker is also predicting profit margins will continue to nose-dive due to the surge in competition and the dominance of Samsung and Apple. In fact, the company expects its revenue to dip 17 percent in the first quarter of 2013, which ends March 31.

While HTC is forecasting revenue to be as low as $1.69 billion and no higher than $2.03 billion in the first quarter, analysts had been expecting the company to bring in $2.12 billion.

Peter Chou

Peter Chou

HTC is also predicting its gross profit margin to be 21 to 23 percent compared to 23 percent in 2012’s fourth quarter and an operating margin of 0.5 to one percent compared to one percent in the previous quarter.

HTC CEO Peter Chou has acknowledged his company had a dismal 2012, telling The Wall Street Journal (WSJ), rivals Apple and Samsung were “too strong” to compete with.

“2013 will not be too bad,” Chou was quoted by WSJ. “Our competitors were too strong and very resourceful, pouring in lots of money into marketing. We haven’t done enough on the marketing front.”

Chialin Chang

Chialin Chang

“Although we don’t have as much money to counter (Samsung and Apple), the most important thing is to have unique products that appeal to consumers,” Chou said, adding 2012 has taught him the need to “act fast and be responsive to market changes.”

In a conference call with investors, Chief Financial Officer Chialin Chang said although HTC has focused on mid- to high-end mobile phones in China in the past, it is ready to hit the country’s market with Smartphones priced lower than $320.71, which, currently, is its cheapest phone.

“We’re going to go down, but not below 1,000 yuan ($160.44),” he said. “We see there’s still room to play” when it comes to $160 to $320 phones.

The company also plans to target more emerging markets this year, Chang said.

Chou, in a statement, said HTC would “continue to focus on the most important element of our business: innovation.”

“Our teams are delivering beautifully designed phones, containing the newest technological advancements. Outstanding products, paired with improvements in our marketing execution and overall readiness give us reason to feel optimistic about the progress we will make in 2013.”


Post from: SiteProNews: Webmaster News & Resources

HTC Net Profits Plunge 91 Percent in 2012’s 4Q

BlackBerry Z10 Super Bowl Ad Leaves Many Scratching Their Heads – But, Love It or Hate It, Commercial Is Creating A Lot of Buzz

Written by: admin Date of published: . Posted in test

Super Bowl XLVII left its viewers with three questions: Was San Francisco cheated out of a win by refs missing an obvious holding call in the final minutes of the game? Did Beyonce top Madonna’s performance last year? And, was that really a BlackBerry commercial?

BlackBerry dug deep into its coffers to cough up the $3.6 million to $4 million it costs for 30 seconds of air time during the SuperBowl.

Whimsical, fanciful, creative and downright weird are some of the adjectives being used to describe the ad which strives to show viewers the few things the Z10 can’t do.

The ad begins with a man exiting a store, playing with his new BlackBerry Z10.

As he continues to test the device’s new features, his clothing catches fire, then, with another swipe of the screen, he suddenly has elephant legs.

Another swipe turns the man into an explosion of multi-colored powder and then, after emerging from a man hole in the street, the man bravely swipes the phone again to turn a careening big rig into an explosion of rubber duckies, saving a group of terrified pedestrians.

“In 30 seconds, its quicker to show you what it can’t do … the new BlackBerry Z10,” the announcer says to end the ad.

Reaction to the ad has been mixed.  While some are applauding the creativity of the commercial, others say it simply makes no sense.

BlackBerry chief marketing officer Frank Boulben, in various interviews, said the commercial was inspired by the Fantastic Four — Marvel comic book characters and, because, it “wasn’t feasible to communicate the rich experience of BlackBerry 10,” in 30 seconds, the company opted for a humorous approach.

“We wanted to let America know BlackBerry is back and that BlackBerry 10 is worth checking out,” Boulben said in an extended version of the commercial now on YouTube.

“And there is no better way to do that than with a Super Bowl commercial.”

“BlackBerry ran a Big Game commercial on Sunday, Feb. 3, 2013 — signaling that BlackBerry is back and, much like the brand itself, the new BlackBerry Z10 is re-designed, re-engineered and re-invented,” reads the description of the commercial. “BlackBerry CMO Frank Boulben gives you an inside look at the decision to run the fun and creative ad to show what BlackBerry Z10 can’t do. Now see what it CAN do here:”

Many continue to debate the effectiveness of the Z10 ad, but perhaps one commenter on YouTube summed it up best: “That ad wasn’t meant to bring back lost costumers,” writes Trevman1011. “It was meant to pique the interests of everyone watching it, and did it? Yes, I would say so…”

So whether people love the ad or hate it, the buzz it has created is a pretty good sign it was millions of dollars well spent by BlackBerry.



Post from: SiteProNews: Webmaster News & Resources

BlackBerry Z10 Super Bowl Ad Leaves Many Scratching Their Heads