That didn’t take long.
Oracle who in my opinion hasn’t taken Java security very seriously has released a emergency patch to fix the zero day flaw I told you about. A note on Oracle’s website has the details:
These vulnerabilities may be remotely exploitable without authentication, i.e., they may be exploited over a network without the need for a username and password. For an exploit to be successful, an unsuspecting user running an affected release in a browser must visit a malicious web page that leverages these vulnerabilities. Successful exploits can impact the availability, integrity, and confidentiality of the user’s system.
Due to the severity of these vulnerabilities, and the reported exploitation of CVE-2013-1493 “in the wild,” Oracle strongly recommends that customers apply the updates provided by this Security Alert as soon as possible.
So I would do what the note says and apply these patches to protect you, assuming you still run Java of course. Too bad there are likely more flaws out there that hackers are sure to exploit.
Like this:
Like Loading...
Related
This entry was posted on March 5, 2013 at 7:34 am and is filed under Commentary with tags Java, Security. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Oracle Issues Emergency Fix For Java Flaws
That didn’t take long.
Oracle who in my opinion hasn’t taken Java security very seriously has released a emergency patch to fix the zero day flaw I told you about. A note on Oracle’s website has the details:
These vulnerabilities may be remotely exploitable without authentication, i.e., they may be exploited over a network without the need for a username and password. For an exploit to be successful, an unsuspecting user running an affected release in a browser must visit a malicious web page that leverages these vulnerabilities. Successful exploits can impact the availability, integrity, and confidentiality of the user’s system.
Due to the severity of these vulnerabilities, and the reported exploitation of CVE-2013-1493 “in the wild,” Oracle strongly recommends that customers apply the updates provided by this Security Alert as soon as possible.
So I would do what the note says and apply these patches to protect you, assuming you still run Java of course. Too bad there are likely more flaws out there that hackers are sure to exploit.
Share this:
Like this:
Related
This entry was posted on March 5, 2013 at 7:34 am and is filed under Commentary with tags Java, Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.