In recent months, Oracle has been under a lot pressure over Java security. Last month, the U.S. Department of Homeland Security had advised users to disable Java in their computers, because of security issues. Oracle tried to tackle the situation with a quick Java update. Two weeks later, Oracle has released another update, a massive one indeed.
The February update is the largest Java security update in history with patches for 50 flaws in total. Out of the 50 flaws, 49 were remotely exploitable without authentication. A total of 35 flaws were with the highest possible CVSS (Common Vulnerability Scoring System) score of 10.
The security patch was scheduled to be released on February 19, 2013. But, the patch release was later expedited to February 1. You can find the full patch advisory at Oracle Technology Network.
Thanks to: eSecurity Planet
[ttjad keyword=”security”]
