Printed from http://www.electronista.com

Oracle issues emergency Java patch, but holes persist

updated 06:50 am EST, Mon January 14, 2013

Oracle raises default security settings in Java security patch to High

Oracle has issued an emergency patch for Java, its popular web technology. Security researchers last week uncovered a zero-day exploit that is being exploited by hackers in two malware tookits prompting the US government to issue a warning to PC owners. Although the patch addresses certain holes, Reuters reports that a security analyst still believes that the platform remains vulnerable.

According to Oracle, the patch addresses remotely exploitable vulnerabilites that only affect Oracle Java 7 versions. The company, of course, recommends that users apply the patch as soon as possible. The patch closes a vulnerability that allowed an attacker to trick an unsuspecting user into visiting a maliciously constructed website. The threat only affects Java in web browsers and not other forms of Java and is executed through malicious browser applets.

To further help Java from being more susceptible to attacks in future, Oracle has adjusted default security settings in Java to 'High.' By taking this step, users who are unknowingly redirected to a malicious website will be notified before an applet is run, giving users the option to deny the applet permission to run. Oracle also says that the Java SE 7 Update 11 also makes it easier for users to disable Java in their browsers through a Java Control Panel.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

  1. Flying Meat

    Dedicated MacNNer

    Joined: 01-25-07

    "Oracle also says that the Java SE 7 Update 10"
    Wait. Did Oracle make that specific reference to the previous version of Java, or was that supposed to reference the current version, Java SE 7 Update 11?

    It's no less true, but certainly more confusing. The line before it could use a spell check and some punctuation as well. :)

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

SMS Audio Sync Sport on-ear headphones

When hitting the gym or going out for a trail run, headphones can cause a number of problems. From the ear buds getting slimy with swe ...

Adesso Xtream S3B Bluetooth speaker

Finding a speaker purpose-built for a specific need is challenging. Even when a Bluetooth speaker can be paired with a mobile device, ...

JBL Synchros E40BT headphones

For all the different configurations of headphones on the market, it's always a tough choice for buyers to get something that is just ...

Sponsor

toggle

Most Commented

 
toggle

Popular News