| Oracle Fixes Java Vulnerability
|
engine
msg:4535961 | 6:15 pm on Jan 14, 2013 (gmt 0) |
Oracle released an emergency software update today to fix a security vulnerability in its Java software that could allow attackers to break into computers.
The update, which is available on Oracle's Web site, fixes a critical vulnerability in Oracle's Java 7 that could allow a remote, unauthenticated attacker to execute arbitrary code. The attack can be induced if someone visits a Web site that's been set up with malicious code to take advantage of the hole.
Oracle Fixes Java Vulnerability [news.cnet.com] |
|
Earlier story
U.S. Warning Over Java Vulnerability [webmasterworld.com]
|
Sgt_Kickaxe
msg:4536084 | 4:34 am on Jan 15, 2013 (gmt 0) |
Why does this sound like some hacker found an intentional back door that was only meant for Oracle to know about? Since it's fixed, has any site provided actual technical details as to what was wrong?
|
bill
msg:4536116 | 8:27 am on Jan 15, 2013 (gmt 0) |
By now most security minded IT people will have removed Java from their customers' browsers. I for one am not inclined to add it back.
|
|
|
