Printed from http://www.electronista.com

Oracle issues emergency Java patch, but holes persist

updated 06:50 am EST, Mon January 14, 2013

Oracle raises default security settings in Java security patch to High

Oracle has issued an emergency patch for Java, its popular web technology. Security researchers last week uncovered a zero-day exploit that is being exploited by hackers in two malware tookits prompting the US government to issue a warning to PC owners. Although the patch addresses certain holes, Reuters reports that a security analyst still believes that the platform remains vulnerable.

According to Oracle, the patch addresses remotely exploitable vulnerabilites that only affect Oracle Java 7 versions. The company, of course, recommends that users apply the patch as soon as possible. The patch closes a vulnerability that allowed an attacker to trick an unsuspecting user into visiting a maliciously constructed website. The threat only affects Java in web browsers and not other forms of Java and is executed through malicious browser applets.

To further help Java from being more susceptible to attacks in future, Oracle has adjusted default security settings in Java to 'High.' By taking this step, users who are unknowingly redirected to a malicious website will be notified before an applet is run, giving users the option to deny the applet permission to run. Oracle also says that the Java SE 7 Update 11 also makes it easier for users to disable Java in their browsers through a Java Control Panel.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

  1. Flying Meat

    Dedicated MacNNer

    Joined: 01-25-07

    "Oracle also says that the Java SE 7 Update 10"
    Wait. Did Oracle make that specific reference to the previous version of Java, or was that supposed to reference the current version, Java SE 7 Update 11?

    It's no less true, but certainly more confusing. The line before it could use a spell check and some punctuation as well. :)

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Advertisement

Recent Reviews

Linksys WRT1200AC Wi-Fi Router

Once upon a time, a brand-new Linksys router showed up on our doorstep. So we gathered some network-minded friends together, and hooke ...

Rapoo A300 Mini Bluetooth NFC Speaker

The Rapoo Bluetooth Mini NFC Speaker is a little metallic box about the size of a baseball. In spite of its small size, we were very p ...

Neurio Intelligent Home Monitor

The recently released Neurio Intelligent Home Monitor is a piece of hardware that, when integrated into a home's breaker box, monitors ...

Advertisement

toggle

Most Commented

 
toggle

Popular News