"Save me, oh God, from people who have no sense of humor."
— Ludlow Porch

Remediating the Java Deserialization Vulnerability

The most under-reported software vulnerability of 2015 is turning out to be a flaw in Java deserialization. It hasn't been given a fancy name or featured in wildly overstated "news" articles designed to sell more subscriptions to Lifelock, but it is very dangerous nonetheless. Here is a good, in-depth article that describes the vulnerability, provides some resources for determining whether you are affected, and gives some details for crafting your own exploits if you are so inclined.