|01 Mar 2013||#1|
| || |
Oracle investigating after two more Java 7 zero-day flaws found
Oh geeez...it's never going to end is it?
Polish security researchers have discovered yet more zero-day vulnerabilities in Java, the beleaguered Web plug-in, that led to the successful intrusion of Facebook, Apple and Microsoft in recent weeks.
Java is at the center of yet another security storm after Polish security researchers found not one, but two new separate zero-day flaws in the Web plug-in software.
Web users are once again warned to disable Java immediately to prevent any infection on production machines or networks.
Security firm Security Explorations submitted information about the bugs to Oracle, the developer of the Java 7 software, including proof-of-concept exploits that prove the bugs exist. However, in one of the cases, Oracle believes this is "allowed behavior," suggesting an apathy on the company's part to fix the alleged flaw.
The two zero-day flaws are the latest in a number of problems affecting the Java plug-in, forcing Oracle to patch the software twice with emergency patches this year alone.
|My System Specs|
|Similar help and support threads for2: Oracle investigating after two more Java 7 zero-day flaws found|
|Does Java 8 Delay Mean Oracle Finally Serious about Security?||Security News|
|Researchers deliver fix for Java 0-day to Oracle||Security News|
|Cyber Spies Exploit Java and Flash Flaws||Security News|
|Oracle to Patch Dozens of Security Flaws Tomorrow||Security News|
|Oracle Java SE and Java for Business Critical Patch Update||Security News|
|XSS flaws found on three security firms' websites||System Security|
|Oracle sues Google over Java||News|