| Thread Tools |
3rd September 2012, 07:41 | #1 |
[M] Reviewer Join Date: May 2010 Location: Romania
Posts: 148,553
| Oracle patches Java vulnerability Oracle has released a new patch which kills off a vulnerability in Java 7 that was being exploited by malware developers. The flaw was announced last week after it was used by hackers in targeted attacks on Windows. The flaw was similar to the recent Flashback malware in OS X, and allowed hackers to create a drive-by hack where the only action needed to compromise a system is to visit a rogue Web page that hosts a malicious Java applet. Proof of concept attacks using this vulnerability have been found to run on all platforms supported by Java 7, including OS X systems where the exploit was successfully run in the latest Safari and Firefox browsers in Mountain Lion. What was a little worrying, is that Oracle only releases Java updates every quarter so that means that it could do a lot of damage before the company pulled its finger out. This forced some companies to issue their own private patches to this vulnerability just in case it took forever for Oracle to realise it was screwing up the internet. Now it seems that Oracle has stepped up to the mark and broken its regular release schedule to offer a patched version of the Java 7 runtime. The Java 7 Update 7 patch can be downloaded from the Java SE Downloads Web page and Oracle recommends that all users of Java 7 apply the update. http://news.techeye.net/security/ora...-vulnerability |
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Google to pay Oracle $0 | Stefan Mileschin | WebNews | 0 | 22nd June 2012 07:24 |
Oracle to Issue 14 Patches for Java SE | Stefan Mileschin | WebNews | 0 | 11th June 2012 07:47 |
Oracle Could End Up With Nothing In Suit Against Google | Stefan Mileschin | WebNews | 0 | 17th May 2012 06:52 |
Oracle to kick off at Google in Java spat on Monday | Stefan Mileschin | WebNews | 0 | 16th April 2012 06:51 |
Mozilla Firefox 3.0 Vulnerability | jmke | WebNews | 0 | 19th June 2008 08:51 |
New Zero-Day Vulnerability In Windows | jmke | WebNews | 0 | 6th November 2006 11:39 |
IE7 vulnerability discovered already | jmke | WebNews | 1 | 20th October 2006 14:14 |
Symantec Posts Fix To Vulnerability | jmke | WebNews | 0 | 29th May 2006 09:42 |
AMD Announces IBM and Oracle Support | Sidney | WebNews | 0 | 25th May 2004 06:24 |
Thread Tools | |
| |