Critical Java exploit found, puts 1 billion computers at risk

Creaky

Admin
Oh look, another critical Java security vulnerability has been discovered, something that seems to be a trend for Oracle's widely used software. The exploit, as detailed by Seclists' Full Disclosure mailing list, bypasses the Java security sandbox in all versions of Java from SE 5 to the latest SE 7 Update 7 in the latest versions of all popular browsers.

Basically, if you have a computer - Mac or PC - and it has Java installed, it could be vulnerable to this new exploit. Adam Gowdiak, who discovered the Java vulnerability, said that he found the bug last week, created a proof-of-concept exploit and then reported the issue to Oracle on Tuesday, who have confirmed the issue. He is "not aware of any active attacks that would exploit this vulnerability" but claims the potential impact is bigger than previous exploits.

October 16 is the next scheduled Java update, and its likely Oracle will wait until this date to patch the vulnerability. If you are concerned about your security, it's recommended either to uninstall Java from your system (if you don't use it) or temporarily disable it until a patch is released.

Via: ComputerWorld
Source: SecLists
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Top