CVE-2012-4681
Three weeks after FireEye's first analysis and a week and a half after Oracle's out-of-band patch. The substantive question is what the zero-day-to-exploit-kit-payload speed tells us about the operational supply chain.
Three weeks after FireEye's first analysis and a week and a half after Oracle's out-of-band patch. The substantive question is what the zero-day-to-exploit-kit-payload speed tells us about the operational supply chain.
Flashback has put approximately six hundred thousand Macs into a botnet over the past month, which is the structural end of "Macs don't get viruses" as a defensive position. Apple's six-week Java patch lag is the part worth recording.