Oracle releases emergency patch for Java | Forum

Topic location: Forum home » General » General Chat
Liu Ping Jun 30 '17
Oracle has released an out-of-cycle security update to patch newly identified vulnerabilities in Java 7 that have been widely exploited, after the security community urged the company not to wait.

The move comes hot on the heels of news that the vulnerabilities were being used in targeted attacks and were available to users of the Metasploit tool and Blackhole exploit kit.

The Java vulnerabilities allow attackers to use a custom web page to force systems to download and run malware that does not have to be coded in Java.

Since the discovery of the vulnerabilities, there has been much speculation about whether Java custodian Oracle will consider the vulnerability serious enough to release an out-of-cycle security patch.

Security researchers warned that if Oracle had waited until its next scheduled patch release, Java users would have been at the mercy of various exploits until 16 October.

"Due to the severity of these vulnerabilities, the public disclosure of technical details and the reported exploitation of CVE-2012-4681 'in the wild', Oracle strongly recommends that customers apply the updates provided by this security alert as soon as possible," the company said.

Read more about zero-day Java exploit
  • Latest Java zero-day hits Metasploit and Blackhole
  • Security researchers spot new zero-day Java vulnerability
The security alert said that the updates were aimed at addressing security issues CVE-2012-4681 and two other vulnerabilities affecting windows 10 update error 0x80244022 Java running in web browsers on windows 10 0x80244022 desktops.

The affected products and versions were listed as JDK and JRE7 update 6 and before, as well as JDK and JRE6 update 34 and before.

"These vulnerabilities are not applicable to Java running on servers or standalone Java desktop applications. They also do not affect Oracle server-based software," the alert said.

Oracle strongly recommends that customers apply the Java updates provided by this security alert as soon as possible Emergency patch for serious threatBecause of Oracle's record of almost never issuing out-of-cycle patches and the lack of any indications that it would do so, some security researchers scrambled to release an interim patch.

However, they expressed hopes that Oracle would consider the threat serious enough to release an emergency patch.

The first indication that Oracle would do so came from researchers at Security Explorations. Just ahead of Oracle's announcement, the firm said they had reported the issue to Oracle in April 2012 and a recent status report showed that it has been addressed.

chenyingying Jul 1 '17

oakley sunglasses adidas trainers men fitflops shoes michael kors handtaschen tory burch handbags adidas originals uk coach outlet store online clearances nfl jerseys wholesale polo ralph lauren shirts coach outlet cheap jordan shoes christian louboutin sale mk väska coach outlet nike air max 1 jordan shoes cheap ray ban sunglasses true religion jeans true religion jeans burberry outlet fitflops sandals nfl jerseys wholesale nike running trainers ed hardy clothing michael kors bags red bottom heels tory burch handbags michael kors outlet north face outlet nfl jerseys nike huarache uk kevin durant shoes yeezy 350 v2 ralph lauren outlet michael kors plånbok kobe 11 shoes michael kors handbags uk canada goose ferragamo outlet jordan shoes nike jordan shoes mbt outlets michael kors handbags michael kors outlet nike huarache shoes pandora outlet vans outlet christian louboutin outlet yeezy boost 350 v2 coach outlet store online prada outlet polo ralph lauren shirts michael kors handbags coach factory online coach outlet store online calvin klein outlet burberry handbags air jordan shoes polo outlet coach factory online burberry handbags michael kors bags christian louboutin sneakers michael kors outlet online nike outlet store christian louboutin outlet coach outlet online kate spade birkenstock sale clearance michael kors outlet online ray ban online kate spade sale nike air max mlb jerseys wholesale christian louboutin shoes christian louboutin outlet fitflops uk adidas outlet clearance michael kors outlet adidas nmd runner michael kors handbags coach purses adidas trainers uk michael kors outlet gafas de sol ray ban michael kors bags uk christian louboutin burberry scarf oakley sunglasses outlet adidas stan smith shoes cheap oakley sunglasses wholesale clarks shoes outlet adidas outlet cheap mlb jerseys ralph lauren outlet coach factory outlet online coach outlet online Ugg støvler ralph lauren outlet birkenstock shoes



Problem with reading feeds