Oracle releases software update to fix Java vulnerability

JMH · Jan 13, 2013

Oracle released an emergency software update today to fix a security vulnerability in its Java software that could give allow attackers to break into computers.

The update, which is available on Oracle's Web site, fixes a critical vulnerability in Oracle's Java 7 that could allow a remote, unauthenticated attacker to execute arbitrary code. The attack can be induced if someone visits a Web site that's been set up with malicious code to take advantage of the hole.

Oracle said the update modifies the way Java interacts with Web applications.

Oracle releases software update to fix Java vulnerability | Security & Privacy - CNET News

Deejay100six · Jan 14, 2013

I only installed Java 3 days ago as I'm running a fairly new install of Windows 7. Forgot to turn the auto update feature off so it updated to 7, u11 yesterday. I assume this means I'm covered?

satrow · Jan 14, 2013

Only if you have no earlier versions still lurking and only until the next 'fix' comes along, expect another one within 24 hours or so ...

I'd uninstall Java completely; only install it if you really, really have to - even then, disable it in the browsers, enable it only when needed (on trusted sites only), disable it again straight away once done with it.

Deejay100six · Jan 14, 2013

Ok, thanks mate.

satrow · Jan 16, 2013

Claims of a new 0day vulnerability which affects the latest 'patched' Java: New Java Exploit Fetches $5,000 Per Buyer ? Krebs on Security

Didn't take very long, did it?

Search

Search

Oracle releases software update to fix Java vulnerability

JMH

Emeritus, Contributor

Deejay100six

Sysnative Staff

satrow

Moderator, BSOD Kernel Dump Senior Analyst

Deejay100six

Sysnative Staff

satrow

Moderator, BSOD Kernel Dump Senior Analyst