Hello, welcome to the Thursday, July 21st, 2016 edition of the Sansanet Storm Center's Stormcast.

My name is Johannes Ulrich and today I'm recording from Minneapolis, Minnesota.

Oracle released its quarterly patch update again and this time it patches 276 different vulnerabilities across 84 products.

Of course, Java is affected as well from these updates, aside the database and all the other middleware components and Solaris and everything else that Oracle does.

If you are running Java, then you should be running Java 8 Update 101, build third.

And if you have a recursive DNS server that is validating responses using DNSSEC,

you probably do want to mark October 11, 2017 in your

calendars.

At that date, a new key signing key for the Root Zone will be made live, meaning it will start

to be used to sign responses.

The key itself will be added to the Root Zone starting July next year, so there should be plenty

of time for you to update your DNS server configuration if your DNS server does support

RFC-5011.

This is an algorithm that will automatically update trust anchors. Then you should be all set,

but you may want to make sure that this is all working correctly. Like I said, July through October

next year is of the window where you have to make sure all of this is working correctly.

I will link in the show notes to a presentation

given about the process. It also includes some test URLs. And then we have more vulnerabilities

in anti-malver. This time they're discovered by Udi Yavo and Tom are bitten. And it's not exactly just the fault of the anti-malver

but the Microsoft detours engine that's being used in order to allow anti-malver to establish hooks into various Windows APIs.

Essentially what anti-malver does is it intercept system calls in order to inspect them for malicious

behavior.

...