Oracle Releases Immediate Repair To Serious Java Security Flaw

Oracle, after a warning from the Department of Homeland Security to users, released an immediate fix on its Java software security flaw that made computers vulnerable to take overs by hackers.

According to the agency, the Java 7 Update 10 and early has an undetermined susceptibility that allows a remote, unauthenticated invader to perform an arbitrary code on an at risk system. It said the current and previous Java susceptibilities have been targeted by attackers on a widespread basis, and the latest vulnerabilities will eventually be discovered.

The vulnerability was first found by a European Security researcher who uses the name Kafeine in his blogs. The alert was published on his blog Thursday. The agency confirmed that the Linux platforms, Apple’s Mac OS X and Microsoft Windows were affected by the security flaw and that they were not aware of any solution to the problem. The agency recommended users disable the Java program in web browsers.

Oracle released the patch on Sunday.

Due to security concerns, Apple quit shipping computers that were enabled with Java, and it was remotely inactivating the Java 7 plug-in on Mac computer. Linux and Microsoft users can disable the Java program themselves.

Java is a commonly used programming language that can be found on over 850 million personal computers and is no stranger to security problems. In April, hackers were able to exploit a vulnerability that infected over 500,000 Apple computers with a serious type of malware. To date, it’s the biggest attack on the OS X operating system.

In May a nonprofit group Shadowserver Foundation found hackers had discovered a security hole in Java that would infect visitors of certain foreign policy websites like Cambodian Ministry of Foreign Affairs, Amnesty International Hong Kong and International Institute for Counter-Terrorism.

The exploit was quite troublesome because victims had no idea they were downloading a program. It downloaded without any prompting and users didn’t have to click on a link to infect their computers.

Online News Heard Now

Short URL: http://www.onlinenewsheardnow.com/?p=1533

Posted by on Jan 14 2013. Filed under New, Sci/Tech. You can follow any responses to this entry through the RSS 2.0. Both comments and pings are currently closed.

Comments are closed

Recently Commented

  • Linda: I was diagnosed as type 2 last year, my weight was 125kg, my doctor wanted me to start insulin and encouraged...
  • Meow: (at 12:30am)
  • Meow: They filed on Tuesday.
  • Manxe Kitairn: Also … no mention of Chrome OS. You would think that Google would start such a radical change...
  • DJ Allyn: Ever since the upgrade, I’ve noticed Chrome running a lot slower. Chrome has suddenly become a...