<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
</head>
<body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; color: rgb(0, 0, 0); font-size: 14px; font-family: Garamond, sans-serif; ">
<div>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; ">In this issue:</p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; ">1. Oracle Releases New Version of Java (Again)</p>
<p style="margin: 0px; font-family: Helvetica; ">2. Apple Releases iOS 6.1</p>
<p style="margin: 0px; font-family: Helvetica; ">3. Who Updates Your Android?</p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; ">----------------------------------------------------------------</p>
<p style="margin: 0px; font-family: Helvetica; ">1. Oracle Releases New Version of Java (Again)</p>
<p style="margin: 0px; font-family: Helvetica; ">----------------------------------------------------------------</p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; ">Last week Oracle released Java 7 Update 13 to address
<a href="http://www.kb.cert.org/vuls/id/858729">vulnerabilities</a>. </p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; ">Systems affected:</p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<ul>
<li style="margin: 0px; font-family: Helvetica; ">Java Platform Standard Edition 7 (Java SE 7)
</li><li style="margin: 0px; font-family: Helvetica; ">Java SE Development Kit (JDK 7)
</li><li style="margin: 0px; font-family: Helvetica; ">Java SE Runtime Environment (JRE 7)
</li></ul>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; ">Users of Java can download the free update
<a href="http://java.com/en/download/index.jsp">here</a> or via the Windows Java console on their machines.</p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; "><a href="http://kb.mit.edu/confluence/x/5qIBCQ">Mac users</a></p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; "><a href="http://kb.mit.edu/confluence/x/AwDSBg">MITSIS users</a></p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; ">Apple has blocked Java completely in OS X 10.6 and above. Oracle admits there are some serious problems with Java, but says that those problems lie with the browser plug-ins and that server-side, desktop, and
embedded Java are not vulnerable to the same attacks.</p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; ">Read the story in the news <a href="http://www.theregister.co.uk/2013/01/30/oracle_java_security_analysis/">
here</a> and <a href="http://arstechnica.com/apple/2013/01/for-second-time-in-a-month-apple-blacklists-java-web-plug-in/">
here</a>.</p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; ">-----------------------------------</p>
<p style="margin: 0px; font-family: Helvetica; ">2. Apple Releases iOS 6.1</p>
<p style="margin: 0px; font-family: Helvetica; ">-----------------------------------</p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; ">Last week's Apple iOS update 6.1 addresses more than 20 vulnerabilities, including a serious flaw in the kernel and a number of bugs in the WebKit framework. The company also revoked trust in the bad TurkTrust
certificates discovered late last year.</p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; "><a href="http://threatpost.com/en_us/blogs/apple-releases-ios-61-fixes-more-20-vulnerabilities-012913">Read the story in the news.</a></p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; ">-----------------------------------------</p>
<p style="margin: 0px; font-family: Helvetica; ">3. Who Updates Your Android?</p>
<p style="margin: 0px; font-family: Helvetica; ">-----------------------------------------</p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; ">A call has been made for legislators to get involved with making carriers more responsible for issuing updates to Android mobile devices or to cede control to Google. Activist Chris Soghoian says the "situation
is worse than a joke, it's a crisis." Some devices are 16 months behind with receiving updates.</p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; ">Android malware has skyrocketed over the last 12 months. Researchers at Kaspersky Lab said that 99 percent of mobile malware detected monthly was targeting Android. The most prevalent are SMS attacks that run
up premium calling charges.</p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; ">While Google is staying up on patching vulnerabilities, these patches are not making it to the consumers, says Chris Soghoian. </p>
<p style="margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style="margin: 0px; font-family: Helvetica; "><a href="http://threatpost.com/en_us/blogs/wireless-carriers-put-notice-about-providing-regular-android-security-updates-020413">Read the full story online</a>.</p>
</div>
<div><span class="Apple-style-span" style="border-collapse: separate; font-family: Calibri; font-size: medium; border-spacing: 0px; "><span class="Apple-style-span" style="border-collapse: separate; border-spacing: 0px; font-family: Helvetica; font-size: 14px; ">
<div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">
<span class="Apple-style-span" style="border-collapse: separate; border-spacing: 0px; "><span class="Apple-style-span" style="border-collapse: separate; border-spacing: 0px; "><span class="Apple-style-span" style="border-collapse: separate; border-spacing: 0px; "><span class="Apple-style-span" style="border-collapse: separate; border-spacing: 0px; "><span class="Apple-style-span" style="border-collapse: separate; border-spacing: 0px; "><span class="Apple-style-span" style="border-collapse: separate; border-spacing: 0px; font-size: 12px; ">
<div><br>
</div>
<div><br class="khtml-block-placeholder">
</div>
<div>
<p style="margin: 0px; font-size: 14px; font-family: Arial; ">===================================================================================</p>
<p style="margin: 0px; font-size: 14px; font-family: Arial; ">Read all Security FYI Newsletter articles and submit comments online at
<a href="http://securityfyi.wordpress.com/">http://securityfyi.wordpress.com/</a>.</p>
<p style="margin: 0px; font-size: 14px; font-family: Arial; ">===================================================================================</p>
<p style="margin: 0px; font-size: 14px; font-family: Arial; "><br>
</p>
<p style="margin: 0px; font-size: 14px; font-family: Arial; "><br>
</p>
</div>
<div>Monique Yeaton</div>
<div>IT Security Communications Consultant</div>
<div>MIT Information Services & Technology (IS&T)</div>
<div>(617) 253-2715</div>
<div>http://ist.mit.edu/security</div>
<div><br class="khtml-block-placeholder">
</div>
<br class="Apple-interchange-newline">
</span></span></span></span></span></span></div>
</span></span></div>
</body>
</html>