Welcome to WebmasterWorld Guest from 54.196.214.35

Forum Moderators: phranque

Message Too Old, No Replies

Oracle Fixes Java Vulnerability

     
6:15 pm on Jan 14, 2013 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month

joined:May 9, 2000
posts:22318
votes: 240


Oracle released an emergency software update today to fix a security vulnerability in its Java software that could allow attackers to break into computers.

The update, which is available on Oracle's Web site, fixes a critical vulnerability in Oracle's Java 7 that could allow a remote, unauthenticated attacker to execute arbitrary code. The attack can be induced if someone visits a Web site that's been set up with malicious code to take advantage of the hole.

Oracle Fixes Java Vulnerability [news.cnet.com]


Earlier story
U.S. Warning Over Java Vulnerability [webmasterworld.com]
4:34 am on Jan 15, 2013 (gmt 0)

Senior Member

WebmasterWorld Senior Member sgt_kickaxe is a WebmasterWorld Top Contributor of All Time 5+ Year Member

joined:Apr 14, 2010
posts:3169
votes: 0


Why does this sound like some hacker found an intentional back door that was only meant for Oracle to know about? Since it's fixed, has any site provided actual technical details as to what was wrong?
8:27 am on Jan 15, 2013 (gmt 0)

Administrator from JP 

WebmasterWorld Administrator bill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month

joined:Oct 12, 2000
posts:14487
votes: 49


By now most security minded IT people will have removed Java from their customers' browsers. I for one am not inclined to add it back.