{"id":5223,"date":"2015-10-28T07:05:33","date_gmt":"2015-10-28T07:05:33","guid":{"rendered":"https:\/\/ihs.com.tr\/blog\/?p=5223"},"modified":"2015-10-28T07:05:33","modified_gmt":"2015-10-28T07:05:33","slug":"oracle-bir-diger-java-zero-day-acigini-daha-kapatti","status":"publish","type":"post","link":"https:\/\/www.ihs.com.tr\/blog\/oracle-bir-diger-java-zero-day-acigini-daha-kapatti\/","title":{"rendered":"Oracle, bir di\u011fer Java zero-day a\u00e7\u0131\u011f\u0131n\u0131 daha kapatt\u0131"},"content":{"rendered":"<p><span style=\"font-size: 14pt;\">Java&#8217;daki <strong>zero-day a\u00e7\u0131\u011f\u0131n\u0131 kapatan Oracle<\/strong>, yine de Rusya ba\u011flant\u0131l\u0131 sald\u0131r\u0131lara engel olabilmi\u015f de\u011fil. Pawn Storm adl\u0131 grup, NATO \u00fcyesi \u00fclkelere ve Beyaz Saray&#8217;a yapt\u0131\u011f\u0131 sald\u0131r\u0131larda bu a\u00e7\u0131\u011f\u0131 kullanm\u0131\u015f oldu.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">Bu y\u0131l\u0131n ba\u015f\u0131nda Trend Micro taraf\u0131ndan Oracle&#8217;a rapor edilen a\u00e7\u0131k, bu sald\u0131r\u0131lar\u0131n oda\u011f\u0131nda oldu. Sald\u0131r\u0131larda 2 farkl\u0131 a\u00e7\u0131ktan yararlanan gruba kar\u015f\u0131 olarak, Oracle<strong> Temmuz 2015&#8217;te ilk yamay\u0131 yay\u0131nlayarak<\/strong> (July 2015 Critical Patch Update) bu a\u00e7\u0131klardan birini kapatm\u0131\u015ft\u0131. Ge\u00e7ti\u011fimiz g\u00fcnlerde de ikinci yama ile (October 2015 Critical Patch Update) <strong>a\u00e7\u0131klar\u0131 tamamen kapatm\u0131\u015f oldu.<\/strong><\/span><\/p>\n<p><span style=\"font-size: 14pt;\">Hacker grup, CVE-2015-4902 olarak adland\u0131r\u0131lan a\u00e7\u0131\u011f\u0131 kullanarak<strong> Java&#8217;daki &#8220;click-to-play&#8221; korumas\u0131n\u0131 a\u015f\u0131yorlard\u0131.<\/strong><\/span><\/p>\n<p><a href=\"https:\/\/www.ihs.com.tr\/blog\/wp-content\/uploads\/2015\/10\/java-exploit.png\" data-rel=\"penci-gallery-image-content\" ><img decoding=\"async\" class=\"aligncenter size-full wp-image-5225\" src=\"https:\/\/www.ihs.com.tr\/blog\/wp-content\/uploads\/2015\/10\/java-exploit.png\" alt=\"java-exploit\" width=\"300\" height=\"300\" srcset=\"https:\/\/www.ihs.com.tr\/blog\/wp-content\/uploads\/2015\/10\/java-exploit.png 300w, https:\/\/www.ihs.com.tr\/blog\/wp-content\/uploads\/2015\/10\/java-exploit-150x150.png 150w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p><span style=\"font-size: 14pt;\">Ge\u00e7ti\u011fimiz y\u0131llarda Java a\u00e7\u0131klar\u0131n\u0131 \u00f6nlemek i\u00e7in pek \u00e7ok ad\u0131m at\u0131ld\u0131 denilebilir. Hem Oracle <strong>daha s\u0131k g\u00fcncellemeler<\/strong> yay\u0131nlamaya ba\u015flad\u0131, hem de <strong>taray\u0131c\u0131lar da ge\u00e7mi\u015f tarihli Java s\u00fcr\u00fcmlerini \u00e7al\u0131\u015ft\u0131rmamay\u0131<\/strong> sa\u011flayarak kulan\u0131c\u0131lar\u0131 g\u00fcvenli tarafta tutmaya \u00e7al\u0131\u015ft\u0131lar.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">Pawn Storm grubu da benzer \u015fekilde sadece ge\u00e7ti\u011fimiz sene 6&#8217;dan fazla benzeri a\u00e7\u0131\u011f\u0131, daha do\u011frusu &#8220;zero-day&#8221; olarak adland\u0131r\u0131lan bu kritik a\u00e7\u0131klar\u0131 kullanarak <strong>Java, Flash, Windows gibi platformlarda sald\u0131r\u0131lar\u0131n\u0131 s\u00fcrd\u00fcrd\u00fcler.<\/strong><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Java&#8217;daki zero-day a\u00e7\u0131\u011f\u0131n\u0131 kapatan Oracle, yine de Rusya ba\u011flant\u0131l\u0131 sald\u0131r\u0131lara engel olabilmi\u015f de\u011fil. Pawn Storm adl\u0131 grup, NATO \u00fcyesi \u00fclkelere ve Beyaz&hellip;<\/p>\n","protected":false},"author":3,"featured_media":5224,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-5223","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-haberler"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5223","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=5223"}],"version-history":[{"count":3,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5223\/revisions"}],"predecessor-version":[{"id":5238,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5223\/revisions\/5238"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/media\/5224"}],"wp:attachment":[{"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=5223"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=5223"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=5223"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}