The past week had been a tough one for Java/Oracle over security issues. But, that seems to come to an end, temporarily, after Oracle released a quick update fixing the security vulnerabilities.
On Thursday, the US Computer Emergency Readiness Team (US-CERT) issued a security warning for Java 7 update 10 users, and users were urged to disable Java on their browsers. The security hole allowed unauthenticated attackers to execute arbitrary codes on the attacked machine. Later that day, Apple started to block Java 7 on OS X 10.6 and up to keep Mac users safe.
On Friday, security firm Security Explorations revealed that the security issues wouldn’t have arisen had Oracle addressed an old Java vulnerability. On the same day, Mozilla included all recent versions on Java to its Firefox add-on blocklist, along with previously blocked versions Java.
On Saturday, Oracle acknowledged the security hole, and promised a fix soon. The next day, Oracle released Java 7 update 11, addressing the zero-day exploit. The security alert (for CVE-2013-0422) and patch information is available on Oracle website.
Thanks to: TNW
[ttjad keyword=”security”]
